Ok I am looking at the /etc/pam.d/su file right now. Let me post it here so I dont mess up su any worse*
Just want to make sure I do the right thing with it, also, since I will be at work all day I will have to do everything command line via ssh. *Im pretty good command line, but I dont know much about changing groups and owners and such command line, or how to check the currect groups/owners for that matter. *Thanks again guys!Code:#%PAM-1.0 auth * * * sufficient * /lib/security/pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth * * * sufficient * /lib/security/pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. #auth * * * required * * /lib/security/pam_wheel.so use_uid auth * * * required * * /lib/security/pam_stack.so service=system-auth account * *required * * /lib/security/pam_stack.so service=system-auth password * required * * /lib/security/pam_stack.so service=system-auth session * *required * * /lib/security/pam_stack.so service=system-auth session * *optional * * /lib/security/pam_xauth.so
To check who owns a file, type:I dont know much about changing groups and owners and such command line, or how to check the currect groups/owners for that matter.
ls -alF
The names you see in the output are the owner followed by the group. I think someone may have mentioned it in passing, but to change ownership, type:
chown newowner:newgroup /name/of/file
In order to use chown, you have to be either root or the current owner.
[edit]Fixed the formating[/edit]
It's supposed to be a period, not a colon, between the names.chown newowner:newgroup /name/of/file
Well, I'm on a windows machine here at work right now *>so I can't check my man page, but the online man pages here say its a colon.
chown [OPTION]... OWNER[:[GROUP]] FILE... chown [OPTION]... :GROUP FILE... chown [OPTION]... --reference=RFILE FILE...
Weird, the colon works on my system. I've just always used a period...
Well heres the output on /bin/su:
What exactly do I need to do to get me back to su'ing so I can go on fixing up this box. Thanks guysCode:-rwxrwxrwx 1 rick420 wheel 18172 Sep 14 11:16 su*
su is not setuid, this is your problem.-rwxrwxrwx 1 rick420 wheel 18172 Sep 14 11:16 su*
As root, run this:
chmod o+s /bin/su
and it should work.
You want su to be:
Code:-rwsr-xr-x 1 root root
Oops! Yeah, having it world writeable is really bad, too
Do this command, it'll get you fixed right up:
chmod 4750 /bin/su
chown root.wheel /bin/su
(you also don't want it to be world readable or world executeable. The whole point of the wheel group is that only the people in it can use su, thus 4750 and not 4755).
Anyway. The above command will give it the right permissions, hope this helps.
Is there a way for me to do this remotely? I mean I know how to edit lilo.conf, but I cant get in as root to do it. I disabled logging in as root from ssh and if I reboot it will kernel panic b/c the default kernel is not working properly (forgot to change the good kernel to the default before). I ask b/c I am stuck at work all day and then class afterwards so I wont be home for like 12 hours. I would like to get this fixed soon if possible, wanna start compiling a new working kernel while Im gone all day. Thanks
Posting Permissions
Reply With Quote
Bookmarks