HPE Community
Operating System - HP-UX
1752600 Members
4058 Online
108788 Solutions
New Discussion юеВ

Re: unable to logon to the server for all users

 
SOLVED
Go to solution
aleemuddin
Occasional Advisor

тАО12-24-2008 02:26 AM

тАО12-24-2008 02:26 AM

unable to logon to the server for all users

hi guys

i am getting the following error

fare login :open_module: module /usr/lib/security/hpux32/libpam_hpsec.so .1 writable by group


---------

all i did was chmod -R 777 /usr

and i think this has caused the whole problem

-----

for the solution
i tried loging on in single user mode
using

HPUX> boot -lm vmunix
and i was successfull to get the # prompt

i changer the permission back to 555 for usr directory

chmod -R 555 usr

and i restarted the surver in multiuser mode and i get the same error as mentioned above.


i thaught of changing the permission of the file libpam_hpsec.so but when i changed directory to usr i could not see any other sub directories or files.

i need a solution ASAP
0 Kudos
Reply
28 REPLIES 28
F Verschuren
Esteemed Contributor

тАО12-24-2008 02:39 AM

тАО12-24-2008 02:39 AM

Re: unable to logon to the server for all users

The probem is that in /usr some files have to have setUID

examlpe:
-r-sr-xr-x for /usr/bin/vgdsiplay.
-r-xr-sr-x for war

the best way is to restore the data, (ore copy the permisions form a other server

make sure that /usr/bin/login shows:
-r-sr-xr-x
and logins:
-r-xr-xr-x

than maybe you are able to login again to start a restore....

kind regards,

Freek

0 Kudos
Reply
Ganesan R
Honored Contributor

тАО12-24-2008 03:02 AM

тАО12-24-2008 03:02 AM

Solution

Re: unable to logon to the server for all users

Hi,

chmod -R 777 /usr

This command should have changed all the permission to all sub directories and files. It makes all the damage.

I came across the same situation once and ultimately we have reinstalled the OS. Because we cannot go and change all the files and directory permission to old one.

So I would recommand you to restore the os from recent ignite backup.

>>>i thaught of changing the permission of the file libpam_hpsec.so but when i changed directory to usr i could not see any other sub directories or files.<<<

You need to mount the /usr since /usr will not be mounted on single user mode. Run the following commands to mount /usr

#fsck -F full /dev/vg00/rlvolx --> x is the lvol number of /usr mount point.

#mount /usr

Now you can access the /usr filesystem
Best wishes,

Ganesh.
Reply
aleemuddin
Occasional Advisor

тАО12-24-2008 03:03 AM

тАО12-24-2008 03:03 AM

Re: unable to logon to the server for all users

hi

this is the only server we have .
i would like to know if we start the server
using this command
HPUX> boot -lm vmunix
can we see the contents of /usr

i could see the contents of /dev
but not usr

please beare with me as i am very new to unix.

thanks
0 Kudos
Reply
Suraj K Sankari
Honored Contributor

тАО12-24-2008 03:12 AM

тАО12-24-2008 03:12 AM

Re: unable to logon to the server for all users

Hi,

That means your /usr is not having any file or directory.
In this case I suggest restore your OS with ignite backup.

Suraj
0 Kudos
Reply
aleemuddin
Occasional Advisor

тАО12-24-2008 03:23 AM

тАО12-24-2008 03:23 AM

Re: unable to logon to the server for all users

hi ganesh

after loging on to the server
and when i do a listing ls i get the list of all the files which includes dev,usr,........

but i cannot see the contents of usr when i change directory to usr

thanks
0 Kudos
Reply
Ganesan R
Honored Contributor

тАО12-24-2008 03:31 AM

тАО12-24-2008 03:31 AM

Re: unable to logon to the server for all users

Hi Aleemudin,

I clearly mentioned in my previous reply that, /usr will not be mounted on single user mode or maintanance mode. You need to manually mount as per the steps I have given.

#fsck -F full /dev/vg00/lvol6
#mount /usr

You are just seeing the directory /usr which is in root filesystem. There is no logical volume mounted on /usr as such.

And /dev directory also in root filesytem. It is not a seperate mount point like /usr.

Hope this helps..
Best wishes,

Ganesh.
Reply
Dennis Handly
Acclaimed Contributor

тАО12-24-2008 03:32 AM

тАО12-24-2008 03:32 AM

Re: unable to logon to the server for all users

>all I did was chmod -R 777 /usr

Why in the world would you want to do that? Besides messing up any setuid bits, it creates a security hole big enough for a Mac truck!

As Ganesan says, you are hosed.

If you have hours and hours of time, you could change files one by one. If you could get swverify working, you could use "swverify -F \*" to fix the permissions.

>i cannot see the contents of usr when i change directory to usr

As Ganesan mentioned, get out of that directory and mount /usr.
0 Kudos
Reply
Pete Randall
Outstanding Contributor

тАО12-24-2008 03:34 AM

тАО12-24-2008 03:34 AM

Re: unable to logon to the server for all users

Your "boot -lm vmunix" will boot you into LVM maintenance mode. I would think you would rather be in single user mode "boot -is vmunix".

In any case, you can't see /usr because it's not mounted. Do a "mount -a" to mount all the file systems. If you get any errors during the mount you might need to run fsck against them. Once you get things mounted, then you can look at /usr and see what you may need to do to fix things.

I would suggest that you take away from this experience one very valuable lesson: the as-installed permissions on your root file systems are the way they are for a reason. Do NOT play with them.


Pete

Pete
0 Kudos
Reply
aleemuddin
Occasional Advisor

тАО12-24-2008 03:43 AM

тАО12-24-2008 03:43 AM

Re: unable to logon to the server for all users

hi ganesh

how can i know lvol number of /usr mount point

thanks
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.