BAD SU

classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|

BAD SU

philippe aubry
Hello

I have some strange behavior with su in openbsd 4.6,
I have two users root and test, test user is in wheel group with usermod
-G wheel test, when i try to be root with su -
I have the sorry message and in the /var/log/authlog I have :
BAD SU test to root on /dev/ttyp0

I'm sure about the root password, cat from /etc/group show me that test
user is in wheel group.
If I remove the test user and recreate it whith adduser and specify to
add test user in the wheel group I have the same behavior
If I try to get root privilege with su root - I have the same result.

What I do wrong or missing.

Phil

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

Nick Guenther
On Sun, Nov 29, 2009 at 4:51 PM, phil <[hidden email]> wrote:

> Hello
>
> I have some strange behavior with su in openbsd 4.6,
> I have two users root and test, test user is in wheel group with usermod -G
> wheel test, when i try to be root with su -
> I have the sorry message and in the /var/log/authlog I have :
> BAD SU test to root on /dev/ttyp0
>
> I'm sure about the root password, cat from /etc/group show me that test user
> is in wheel group.
> If I remove the test user and recreate it whith adduser and specify to add
> test user in the wheel group I have the same behavior
> If I try to get root privilege with su root - I have the same result.
>
> What I do wrong or missing.
>

Hmm. Try the obvious first: what does groups say about your test user?

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

philippe aubry
Nick Guenther wrote:

> On Sun, Nov 29, 2009 at 4:51 PM, phil <[hidden email]> wrote:
>  
>> Hello
>>
>> I have some strange behavior with su in openbsd 4.6,
>> I have two users root and test, test user is in wheel group with usermod -G
>> wheel test, when i try to be root with su -
>> I have the sorry message and in the /var/log/authlog I have :
>> BAD SU test to root on /dev/ttyp0
>>
>> I'm sure about the root password, cat from /etc/group show me that test user
>> is in wheel group.
>> If I remove the test user and recreate it whith adduser and specify to add
>> test user in the wheel group I have the same behavior
>> If I try to get root privilege with su root - I have the same result.
>>
>> What I do wrong or missing.
>>
>>    
>
> Hmm. Try the obvious first: what does groups say about your test user?
>
>  
User test is in test group like this test:*:1000: and for /etc/passwd
like this test:*:1000:1000:test:/home/test:/bin/ksh
groupinfo test say :
name         test
passwd     *
gid             1000
members

if I check wheel group test is in wheel group :
name          wheel
passwd      *
gid              0
members   root   test

If I check test user I have this :
login          test
passwd       HASH KEY
uid               1000
group         test wheel
change      NEVER
.....


What can I check ? because everythink seems OK

Phil

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

Alexander Hall
In reply to this post by Nick Guenther
Nick Guenther wrote:

> On Sun, Nov 29, 2009 at 4:51 PM, phil <[hidden email]> wrote:
>> Hello
>>
>> I have some strange behavior with su in openbsd 4.6,
>> I have two users root and test, test user is in wheel group with usermod -G
>> wheel test, when i try to be root with su -
>> I have the sorry message and in the /var/log/authlog I have :
>> BAD SU test to root on /dev/ttyp0
>>
>> I'm sure about the root password, cat from /etc/group show me that test user
>> is in wheel group.
>> If I remove the test user and recreate it whith adduser and specify to add
>> test user in the wheel group I have the same behavior
>> If I try to get root privilege with su root - I have the same result.
>>
>> What I do wrong or missing.
>>
>
> Hmm. Try the obvious first: what does groups say about your test user?

Also, the new group does not apply to an already logged in user. Use
id(1) to see if you are who you seem to be.

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

Brad Tilley-4
In reply to this post by philippe aubry
On Sun, Nov 29, 2009 at 4:51 PM, phil <[hidden email]> wrote:

> Hello
>
> I have some strange behavior with su in openbsd 4.6,
> I have two users root and test, test user is in wheel group with usermod -G
> wheel test, when i try to be root with su -
> I have the sorry message and in the /var/log/authlog I have :
> BAD SU test to root on /dev/ttyp0
>
> I'm sure about the root password, cat from /etc/group show me that test user
> is in wheel group.
> If I remove the test user and recreate it whith adduser and specify to add
> test user in the wheel group I have the same behavior
> If I try to get root privilege with su root - I have the same result.
>
> What I do wrong or missing.
>
> Phil

I see the same on 4.6-release. The initial user I added during install
can su and sudo OK, but users I add now cannot. 4.6-current works OK,
no problems. Here's how I tested on release:

useradd -m test
usermod -G wheel test
grep /etc/group (to see that test is indeed in the wheel group, he is)

I tried a couple of different user names (Just in case it was
something specific to test) and they all behave the same.

id shows test as uid 1001 gid 10 groups 10 and 0

Brad

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

philippe aubry
In reply to this post by Alexander Hall
Alexander Hall wrote:

> Nick Guenther wrote:
>  
>> On Sun, Nov 29, 2009 at 4:51 PM, phil <[hidden email]> wrote:
>>    
>>> Hello
>>>
>>> I have some strange behavior with su in openbsd 4.6,
>>> I have two users root and test, test user is in wheel group with usermod -G
>>> wheel test, when i try to be root with su -
>>> I have the sorry message and in the /var/log/authlog I have :
>>> BAD SU test to root on /dev/ttyp0
>>>
>>> I'm sure about the root password, cat from /etc/group show me that test user
>>> is in wheel group.
>>> If I remove the test user and recreate it whith adduser and specify to add
>>> test user in the wheel group I have the same behavior
>>> If I try to get root privilege with su root - I have the same result.
>>>
>>> What I do wrong or missing.
>>>
>>>      
>> Hmm. Try the obvious first: what does groups say about your test user?
>>    
>
> Also, the new group does not apply to an already logged in user. Use
> id(1) to see if you are who you seem to be.
>
>  
I do some more test, if I use the test user directly on the main console
everythink is ok
I can connect with test user and I can do an su - and be root

If I do the same think from a linux term after ssh test@bazard I can
connect with user test but I cannot  be gain root privilege with an su -

If I run id from linux term after an ssh test@bazard I have this :
$ id
uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel)
$
If I run id directly from main console I have the same thing :
$ id
uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel)
$

Phil

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

Brad Tilley-4
In reply to this post by Brad Tilley-4
On Sun, Nov 29, 2009 at 6:28 PM, Brad Tilley <[hidden email]> wrote:

> I see the same on 4.6-release. The initial user I added during install
> can su and sudo

Just to be clear, 'sudo su' works for newly added users who are in the
wheel group, but su by itself does not. Apologies for the confusion.

Brad

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

Alexander Hall
In reply to this post by philippe aubry
phil wrote:

> Alexander Hall wrote:
>> Nick Guenther wrote:
>>  
>>> On Sun, Nov 29, 2009 at 4:51 PM, phil <[hidden email]> wrote:
>>>    
>>>> Hello
>>>>
>>>> I have some strange behavior with su in openbsd 4.6,
>>>> I have two users root and test, test user is in wheel group with
>>>> usermod -G
>>>> wheel test, when i try to be root with su -
>>>> I have the sorry message and in the /var/log/authlog I have :
>>>> BAD SU test to root on /dev/ttyp0
>>>>
>>>> I'm sure about the root password, cat from /etc/group show me that
>>>> test user
>>>> is in wheel group.
>>>> If I remove the test user and recreate it whith adduser and specify
>>>> to add
>>>> test user in the wheel group I have the same behavior
>>>> If I try to get root privilege with su root - I have the same result.
>>>>
>>>> What I do wrong or missing.
>>>>
>>>>      
>>> Hmm. Try the obvious first: what does groups say about your test user?
>>>    
>>
>> Also, the new group does not apply to an already logged in user. Use
>> id(1) to see if you are who you seem to be.
>>
>>  
> I do some more test, if I use the test user directly on the main console
> everythink is ok
> I can connect with test user and I can do an su - and be root
>
> If I do the same think from a linux term after ssh test@bazard I can
> connect with user test but I cannot  be gain root privilege with an su -
>
> If I run id from linux term after an ssh test@bazard I have this :
> $ id
> uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel)
> $
> If I run id directly from main console I have the same thing :
> $ id
> uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel)
> $
>
> Phil

Then I must say I _really_ think you have an issue typing the password,
as in different keyboard layout or so.

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

Nick Guenther
In reply to this post by Brad Tilley-4
On Sun, Nov 29, 2009 at 6:43 PM, Brad Tilley <[hidden email]> wrote:

> On Sun, Nov 29, 2009 at 6:28 PM, Brad Tilley <[hidden email]> wrote:
>
>> I see the same on 4.6-release. The initial user I added during install
>> can su and sudo
>
> Just to be clear, 'sudo su' works for newly added users who are in the
> wheel group, but su by itself does not. Apologies for the confusion.
>
> Brad
>
>

That's funny, because I followed your directions and I can't
reproduce. I'm running 4.6 GENERIC -release. You did relogin after
changing the passwords and groups right?

Reply | Threaded
Open this post in threaded view
|

BAD SU RESOLVED

philippe aubry
In reply to this post by Alexander Hall
Alexander Hall wrote:

> phil wrote:
>  
>> Alexander Hall wrote:
>>    
>>> Nick Guenther wrote:
>>>  
>>>      
>>>> On Sun, Nov 29, 2009 at 4:51 PM, phil <[hidden email]> wrote:
>>>>    
>>>>        
>>>>> Hello
>>>>>
>>>>> I have some strange behavior with su in openbsd 4.6,
>>>>> I have two users root and test, test user is in wheel group with
>>>>> usermod -G
>>>>> wheel test, when i try to be root with su -
>>>>> I have the sorry message and in the /var/log/authlog I have :
>>>>> BAD SU test to root on /dev/ttyp0
>>>>>
>>>>> I'm sure about the root password, cat from /etc/group show me that
>>>>> test user
>>>>> is in wheel group.
>>>>> If I remove the test user and recreate it whith adduser and specify
>>>>> to add
>>>>> test user in the wheel group I have the same behavior
>>>>> If I try to get root privilege with su root - I have the same result.
>>>>>
>>>>> What I do wrong or missing.
>>>>>
>>>>>      
>>>>>          
>>>> Hmm. Try the obvious first: what does groups say about your test user?
>>>>    
>>>>        
>>> Also, the new group does not apply to an already logged in user. Use
>>> id(1) to see if you are who you seem to be.
>>>
>>>  
>>>      
>> I do some more test, if I use the test user directly on the main console
>> everythink is ok
>> I can connect with test user and I can do an su - and be root
>>
>> If I do the same think from a linux term after ssh test@bazard I can
>> connect with user test but I cannot  be gain root privilege with an su -
>>
>> If I run id from linux term after an ssh test@bazard I have this :
>> $ id
>> uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel)
>> $
>> If I run id directly from main console I have the same thing :
>> $ id
>> uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel)
>> $
>>
>> Phil
>>    
>
> Then I must say I _really_ think you have an issue typing the password,
> as in different keyboard layout or so.
>
>  
I'm really Sorry, You right, I'm stupid.
I have a fr keyboard and I'm under vmware, I don't no why my Fr keyboard
in vmware console cannot use the Alt Gr key.

Really Sorry
Phil

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

Brad Tilley-4
In reply to this post by Nick Guenther
On Sun, Nov 29, 2009 at 6:54 PM, Nick Guenther <[hidden email]> wrote:

> On Sun, Nov 29, 2009 at 6:43 PM, Brad Tilley <[hidden email]> wrote:
>> On Sun, Nov 29, 2009 at 6:28 PM, Brad Tilley <[hidden email]> wrote:
>>
>>> I see the same on 4.6-release. The initial user I added during install
>>> can su and sudo
>>
>> Just to be clear, 'sudo su' works for newly added users who are in the
>> wheel group, but su by itself does not. Apologies for the confusion.
>>
>> Brad
>
> That's funny, because I followed your directions and I can't
> reproduce. I'm running 4.6 GENERIC -release. You did relogin after
> changing the passwords and groups right?

Yes, when I type su as user test, I get "Sorry" outputted to the
console and I see "BAD SU test to root on /dev/ttyC0" in
/var/log/authlog. I'm doing this locally on a laptop.

When I type sudo su as user test, I get a root shell. In /etc/sudoers
I have the %wheel line for no password uncommented.

Brad

Reply | Threaded
Open this post in threaded view
|

Re: BAD SU

Brad Tilley-4
In reply to this post by Nick Guenther
On Sun, Nov 29, 2009 at 6:54 PM, Nick Guenther <[hidden email]> wrote:

> On Sun, Nov 29, 2009 at 6:43 PM, Brad Tilley <[hidden email]> wrote:
>> On Sun, Nov 29, 2009 at 6:28 PM, Brad Tilley <[hidden email]> wrote:
>>
>>> I see the same on 4.6-release. The initial user I added during install
>>> can su and sudo
>>
>> Just to be clear, 'sudo su' works for newly added users who are in the
>> wheel group, but su by itself does not. Apologies for the confusion.
>>
>> Brad
>>
>>
>
> That's funny, because I followed your directions and I can't
> reproduce. I'm running 4.6 GENERIC -release. You did relogin after
> changing the passwords and groups right?

It's official. I'm an idiot. Was using the user passwd with su.
Forgive me. su works fine.