1745834 Members
4392 Online
108723 Solutions
New Discussion юеВ

not able to su -

 
SOLVED
Go to solution
gany59
Regular Advisor

not able to su -

Hi,

While i am able login as a root by su -
i am facing the error as :
su: Your own ID is unknown.

so i am checked the /tcb/files/auth/r/root ... but i am not able to find out any of clues.

Below is my o/p of the /tcb/files/auth/r/root file

alicgd> more /tcb/files/auth/r/root
root:u_name=root:u_id#0:\
:u_pwd=QjhOwFxpHe0mM:\
:u_bootauth:u_auditid#0:\
:u_auditflag#1:\
:u_pswduser=root:u_suclog#1265658893:u_lock@:chkent:

Please tell me how to proceed this issue..

Thanks in advance !!!!!!!!!!!!


8 REPLIES 8
Steven E. Protter
Exalted Contributor
Solution

Re: not able to su -

Shalom,

It is not talking about the root user, its talking about the id you are using to su - from.

Check that ID.

Also check pam configuration. Many systems block this feature for security and auditing reasons.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
gany59
Regular Advisor

Re: not able to su -

yes.. the below is my userid file :

kuppsra:u_name=kuppsra:u_id#3830:\
:u_pwd=g4Acdwyb5a.p2:\
:u_auditid#3061:\
:u_auditflag#1:\
:u_succhg#1265738983:u_suclog#1267549488:u_suctty=ttyrb:u_unsuclog#1267549477:\
:u_unsuctty=ttyrb:u_lock@:chkent:

So can i know where is the pam file.. ?
gany59
Regular Advisor

Re: not able to su -

Hello Steve,

Here is my /etc/pam.conf file..

dcbc9z> more /etc/pam.conf
#ident "@(#)pam.conf 1.15 95/09/11 SMI"
#
# PAM configuration
#
# Authentication management
#
dtlogin auth required /usr/lib/security/libpam_unix.1
dtaction auth required /usr/lib/security/libpam_unix.1
OTHER auth required /usr/lib/security/libpam_unix.1
#
# Account management
#
dtlogin account required /usr/lib/security/libpam_unix.1
dtaction account required /usr/lib/security/libpam_unix.1
#
OTHER account required /usr/lib/security/libpam_unix.1
#
# Session management
#
dtlogin session required /usr/lib/security/libpam_unix.1
dtaction session required /usr/lib/security/libpam_unix.1
OTHER session required /usr/lib/security/libpam_unix.1
#
# Password management
#
dtlogin password required /usr/lib/security/libpam_unix.1
dtaction password required /usr/lib/security/libpam_unix.1
OTHER password required /usr/lib/security/libpam_unix.1

So i can't find any of the clues from this file.. can u help me out on this.....
Patrick Wallek
Honored Contributor

Re: not able to su -

Please post (copy and paste) exactly what you do and the exact errors you are getting.
gany59
Regular Advisor

Re: not able to su -

Hello Partik..

This is the error i am getting , while i am try to do su -

(dcbc9z:kuppsra) su -
su: Your own ID is unknown.
(alicgd:kuppsra)


Patrick Wallek
Honored Contributor

Re: not able to su -

Have a look at this thread:

http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1268338202720+28353475&threadId=86361

In a nutshell:

There may be corruption in the /tcb structures. Run 'authck -a' to see if any problems are reported. If so, fix them and then try your su again.
Steven E. Protter
Exalted Contributor

Re: not able to su -

Shalom,

The pam configuration looks good. Nobody has deliberately tried to stop su - login, though its trivial to do so.

I'm leaning toward /tcb corruption now. If it is not too large, please post the results of the authck -a command or post highlights.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
gany59
Regular Advisor

Re: not able to su -

Hi,

I have a concern like can i copy the /tcb/auth/files/ by the ignite backup. If we take the ignite backup all the configuration files need to be there in the ignite tape right ?.. so is there a way to copy that file from teh ignite tape, is yes.. please let me know how to do that.