topic Re: Root user not able to login and ordinary users are able to log on in Operating System - HP-UX

Root user not able to login and ordinary users are able to log on

senthil_3 — Thu, 18 Jul 2002 03:35:44 GMT

Hi,

in my HPUX, the Root users or users with root user id are not able to log on but other users are able to logon and work fine with the server.

only the super user has the problem..
can any one give suggessions what is the problem

Re: Root user not able to login and ordinary users are able to log on

MANOJ SRIVASTAVA — Thu, 18 Jul 2002 03:41:31 GMT

what is the eroor it gives?

genrally if it ahs to do woth paswwd exprired or cnanot change passwd then all u ahve to do is to boot the machine in single user mode and set the root passwd ok . This is a genral soluiotn to a genral problem if u post as to what happens then may be I can help u more

Manoj Srivastava

Re: Root user not able to login and ordinary users are able to log on

Michael Tully — Thu, 18 Jul 2002 03:50:27 GMT

If you have the existance of '/etc/securetty' and the word console in it, that may explain it.

Can you do 'su -' ??

Why would you have users other than root with a uid of 0 ??? This is a serious security problem... Why not set up 'sudo'

sudo can be found here:
http://hpux.connect.org.uk/hppd/hpux/Sysadmin/sudo-1.6.2b1/

Re: Root user not able to login and ordinary users are able to log on

Misa — Thu, 18 Jul 2002 03:51:51 GMT

I'm guessing that you can't telnet/rlogin as root. Without knowing more details, it sounds like the root user has been prevented from logging in via the /etc/securetty file.

If you want to turn this off, edit the /etc/securetty file ( become root, then:
vi /etc/securetty

). Remove the line/word that says "console". There is probably a knowledge database document that gives the instructions more clearly.

It's a good idea to prevent root from logging in directly, so you may not want to turn it off.

If this isn't it, my questions would be:
- what version of the OS ( run the "uname -a" command)
- is it a trusted system
- what is root's shell ( what does "grep root /etc/passwd" show)
- what is the exact error/symptom when root is "not able" to log in

--Misa

Re: Root user not able to login and ordinary users are able to log on

senthil_3 — Thu, 18 Jul 2002 04:03:10 GMT

The problem is If u try log on from Login Prompt it says Login incorrect and If you try using "su - " then it says in correct password. but the password is correct.

Re: Root user not able to login and ordinary users are able to log on

Michael Tully — Thu, 18 Jul 2002 04:09:04 GMT

If it says password is incorrect it could that it is. If you can't login at the console, you will have to boot the sytsem into single-user mode and change the password that way. This is one reason why the root account should not really be used directly and the danger is there that someone can change the password even by accident.

If you have your system as 'trusted' it could be that the account is locked.

Re: Root user not able to login and ordinary users are able to log on

Misa — Thu, 18 Jul 2002 04:09:57 GMT

Okay, this is really dumb, but if you can't su or telnet/rlogin/login, how do you know that it's the right password?

Ideas (no insult intended, just trying to be helpful):
- Someone else may have changed it
- Is your caps lock key on
- are you connecting to the right machine
- if you're on a modem, are your communications settings correct

Do you have any way of getting root access on the machine? If not, you may not be *able* to fix whatever's wrong, assuming it's on the host side. In that case, it may be "how do I recover my machine."

I don't know the netiquette of posting that type of info here, so I'll leave it for others to start.

Re: Root user not able to login and ordinary users are able to log on

Misa — Thu, 18 Jul 2002 04:15:52 GMT

Trying a locked-out root account on an 11.11 system, I get this message when telnetting or su'ing:

Account is disabled - see Account Administrator

Re: Root user not able to login and ordinary users are able to log on

senthil_3 — Thu, 18 Jul 2002 04:19:57 GMT

Previous SysAdm. has created a Dynamic link file which allows me to login as a super user. Where i hv changed passwd for root and when trying says login incorrect or using su - says incorrect passwd

Re: Root user not able to login and ordinary users are able to log on

Michael Tully — Thu, 18 Jul 2002 04:29:50 GMT

Looks like your toast.....

Suggest you schedule a time for a system reboot into single-user mode and change the password that way.

Re: Root user not able to login and ordinary users are able to log on

Michael Tully — Thu, 18 Jul 2002 04:32:35 GMT

Looks like your toast.....

Suggest you schedule a time for a system reboot into single-user mode and change the password that way.

Re: Root user not able to login and ordinary users are able to log on

Misa — Thu, 18 Jul 2002 04:49:40 GMT

By "dynamic link," I'm assuming you mean he made a symbolic link to /sbin/sh and made it setuid root, or some such.

So I'm assuming that yes, you have some method of getting to be root.

When you changed the password, did you:

passwd

or did you:

passwd root

(I'm assuming you're not using NIS/NIS+/YP; correct if wrong.)

I'm too tired to go into all the reasons, sorry, but maybe you changed the wrong password. It might be worth trying "passwd root" if you didn't already. And if you did, then check to see if you're running NIS. The procedure is different if yes.

Re: Root user not able to login and ordinary users are able to log on

doug hosking — Sat, 20 Jul 2002 07:10:20 GMT

I can only guess, since I don't know the
history of your system, the passwords
you have chosen, or how many other accounts
are in question here.

1) If you have # or @ characters in your
password, funny things will happen because
these are sometimes interpreted as line
editing characters. Different programs
interpret them in different ways. (This
goes back to the days when system consoles
tended to be hardcopy devices. A few
remnants of that persist in the code.)

2) If you have converted to/from trusted
mode AND have passwords longer than 8
characters, behavior can be unexpected.
If this is the case, try using only the
first 8 characters of the password. This
is a side effect of some capacity limits in
how passwords are internally stored and the
inability to convert from one form to another
in all cases without losing some data. In
standard mode, any characters after 8 don't
actually get stored in your passwd entry
and get ignored on input, so it APPEARS
that you have a long password even though
any characters after the first 8 are silently
ignored. This is standard UNIX behavior,
but not widely known.

I have no way of knowing whether something
like a site policy requires superusers to
have long passwords, etc. That could be
one reason why it only happens to superusers.