Bug #1226
closed
su is asking superuser for password
Added by dennis.melentyev almost 16 years ago.
Updated almost 16 years ago.
Description
Hi community,
After the last upgrade on Jan' 4th to:
dennis@dfly> uname -a
DragonFly dfly.melent.local 2.1.1-DEVELOPMENT DragonFly
2.1.1-DEVELOPMENT #1: Sun Jan 4 04:51:33 EET 2009
root@dfly.melent.local:/usr/obj/usr/src/sys/GENERIC i386
su started asking for a password while su'ing from root to less
privileged users.
Steps to reproduce:
1. login as regular user
2. dennis@dfly> sudo su -
Password:
3. root@dfly# su bind
Password: <just enter>
pam_unix: pam_sm_authenticate: UNIX authentication refused
su: Sorry
bind:*:53:53:Bind Sandbox:/:/sbin/nologin
This could be a sude-effect of Peter Avalos' recent commits (or
missing some of his latest commits)
PS. For the moment, system is upgraded one more time, to Jan'7th
state. Same results.
--
Dennis Melentyev
Did you do a 'make upgrade'?
I'm guessing you don't have the pam configuration files in pam.d/, but
if you do, let us know.
--Peter
Hi Peter,
I did make upgrade. But never touched /etc/pam.d content.
For now, it is:
dennis@dfly (xterm) > ll /etc/pam.d/
total 26
rw-r--r- 1 root wheel 2901 Sep 24 23:47 README
rw-r--r- 1 root wheel 3274 Sep 24 23:47 convert.sh
rw-r--r- 1 root wheel 335 Sep 24 23:47 ftpd
rw-r--r- 1 root wheel 302 Sep 24 23:47 gdm
rw-r--r- 1 root wheel 165 Sep 24 23:47 imap
rw-r--r- 1 root wheel 431 Sep 24 23:47 login
rw-r--r- 1 root wheel 214 Sep 24 23:47 other
rw-r--r- 1 root wheel 165 Sep 24 23:47 pop3
rw-r--r- 1 root wheel 388 Sep 24 23:47 sshd
rw-r--r- 1 root wheel 171 Sep 24 23:47 telnetd
rw-r--r- 1 root wheel 300 Sep 24 23:47 xdm
Not sure it is Ok, since files are dated Sep 24.
PS. Just ran "make upgrade" one more time. No change.
Ah, yes I see what's happening. We don't just blindly install the files
into that directory, since it could be locally modified. If you don't
have any local modifications in /etc/pam.d/ your best bet is to:
cd /usr/src/etc
make install
If you do have local mods, you can do the above, but you'll have to redo
those changes. Otherwise, your other option is to use mergemaster -s.
--Peter
You need /usr/src/etc/pam.d
cheers
simon
Yeh, sorry about that:
cd /usr/src/etc/pam.d
make install
Should this go in /usr/src/UPDATING?
How's this look?
------------
The PAM modules and some userland utilities were changed to become PAM-aware.
The configuration files in /etc/pam.d/ need to be updated for the change. If
there are no local modifications in /etc/pam.d/, the easiest thing to do is:
cd /usr/src/etc/pam.d
make install
The configuration files may also be updated with 'mergemaster s'.
-----------
--Peter
On Sun, January 11, 2009 10:19 pm, Peter Avalos wrote:
This is great - if for no other reason than I know I'll upgrade
shiningsilence.com at some point and have totally forgotten about this.
Thanks guys!
cd /usr/src/etc/pam.d && make install worked just perfectly for me.
I had no local modifications, so no reason to bother about merging.
Please, close this issue.
/dennis
:Peter Avalos <pavalos@theshell.com> added the comment:
:
:How's this look?
:
:------------
:The PAM modules and some userland utilities were changed to become PAM-awar=
:e=2E
:The configuration files in /etc/pam.d/ need to be updated for the change. =
:If
:there are no local modifications in /etc/pam.d/, the easiest thing to do is:
:
: cd /usr/src/etc/pam.d
: make install
:
:The configuration files may also be updated with 'mergemaster s'.
:-----------
:
:--Peter
Ick. make upgrade should either do the required work or it should
work the user at the end that work needs to be done. That's the
whole point of having a make upgrade.
-Matt
8424467a03e42b42f2e4fb15bdc8cccb301aa1da should fix this.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by