HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- HP-UX 11.0 security problem
Operating System - HP-UX
1832666
Members
3133
Online
110043
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-03-2001 04:09 AM
08-03-2001 04:09 AM
When I am trying to login to one of the servers (on which Medusa is installed), it gives the following error messages :
---------------------------
[KQ#root]/root/home/root > su - testVN01
setgroups: Not owner
setgroups: Not owner
su: Unable to initialize group access list
[KQ#root]/root/home/root >
[KQ#root]/root/home/root > su - oracle
setgroups: Not owner
setgroups: Not owner
su: Unable to initialize group access list
[KQ#root]/root/home/root > su - testrv
su: Invalid ID
[KQ#root]/root/home/root > pwget |grep testrv
testrv:7d6kZH3vbpyvQ,O.9M:5905:205:SystemTester Ravi BH,TMD,x16497,:/home/testrv:/usr/bin/ksh
[KQ#root]/root/home/root > pwget |grep -E 'ora|test'
oracle:Mfw7In06a27s6:8801:101:,,,:/opt/app/oracle/product/8.0.6:/usr/bin/ksh
testrv:7d6kZH3vbpyvQ,O.9M:5905:205:SystemTester Ravi BH,TMD,x16497,:/home/testrv:/usr/bin/ksh
[KQ#root]/root/home/root > login oracle
Password:
Unable to set uid/gid
Connection closed by foreign host.
vinu-hpsgnru:/home/vinu>
------------------------------
Any clues as to the reason for this behaviour would be appreciated.
---------------------------
[KQ#root]/root/home/root > su - testVN01
setgroups: Not owner
setgroups: Not owner
su: Unable to initialize group access list
[KQ#root]/root/home/root >
[KQ#root]/root/home/root > su - oracle
setgroups: Not owner
setgroups: Not owner
su: Unable to initialize group access list
[KQ#root]/root/home/root > su - testrv
su: Invalid ID
[KQ#root]/root/home/root > pwget |grep testrv
testrv:7d6kZH3vbpyvQ,O.9M:5905:205:SystemTester Ravi BH,TMD,x16497,:/home/testrv:/usr/bin/ksh
[KQ#root]/root/home/root > pwget |grep -E 'ora|test'
oracle:Mfw7In06a27s6:8801:101:,,,:/opt/app/oracle/product/8.0.6:/usr/bin/ksh
testrv:7d6kZH3vbpyvQ,O.9M:5905:205:SystemTester Ravi BH,TMD,x16497,:/home/testrv:/usr/bin/ksh
[KQ#root]/root/home/root > login oracle
Password:
Unable to set uid/gid
Connection closed by foreign host.
vinu-hpsgnru:/home/vinu>
------------------------------
Any clues as to the reason for this behaviour would be appreciated.
Solved! Go to Solution.
2 REPLIES 2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-03-2001 06:48 AM
08-03-2001 06:48 AM
Re: HP-UX 11.0 security problem
Bastian:jjp /etc/default# man setgroups
Reformatting entry. Wait... done
setgroups(2) setgroups(2)
NAME
setgroups - set group access list
SYNOPSIS
#include
int setgroups(int ngroups, const gid_t *gidset);
DESCRIPTION
setgroups() sets the group access list of the current user process
according to the array gidset. The parameter ngroups indicates the
number of entries in the array and must be no more than NGROUPS_MAX,
as defined in.
Only super-user can set new groups by adding to the group access list
of the current user process; any user can delete groups from it.
RETURN VALUE
Upon successful completion, setgroups() returns 0; otherwise it
returns -1 and sets errno to indicate the error.
ERRORS
setgroups() fails if any of the following conditions are encountered:
[EPERM] The caller is not super-user and has attempted to
set new groups.
[EFAULT] The address specified for gidset is outside the
process address space. The reliable detection of
this error is implementation dependent.
[EINVAL] ngroups is greater than NGROUPS_MAX or not
positive.
[EINVAL] An entry in gidset is not a valid group ID.
AUTHOR
setgroups() was developed by the University of California, Berkeley.
I have never had this problem or tried this, but here is a post in the tech. knowledge base:
PROBLEM
su command as non root user returns:
setgroups: Not owner
su: unable to initialize group access list.
RESOLUTION
/etc/passwd, /usr/bin/login, & /usr/bin/su are 755
Changed them to 4555 to get the suid bit set.
/etc/group is bin bin, should be root sys
Hope it helps...
Reformatting entry. Wait... done
setgroups(2) setgroups(2)
NAME
setgroups - set group access list
SYNOPSIS
#include
int setgroups(int ngroups, const gid_t *gidset);
DESCRIPTION
setgroups() sets the group access list of the current user process
according to the array gidset. The parameter ngroups indicates the
number of entries in the array and must be no more than NGROUPS_MAX,
as defined in
Only super-user can set new groups by adding to the group access list
of the current user process; any user can delete groups from it.
RETURN VALUE
Upon successful completion, setgroups() returns 0; otherwise it
returns -1 and sets errno to indicate the error.
ERRORS
setgroups() fails if any of the following conditions are encountered:
[EPERM] The caller is not super-user and has attempted to
set new groups.
[EFAULT] The address specified for gidset is outside the
process address space. The reliable detection of
this error is implementation dependent.
[EINVAL] ngroups is greater than NGROUPS_MAX or not
positive.
[EINVAL] An entry in gidset is not a valid group ID.
AUTHOR
setgroups() was developed by the University of California, Berkeley.
I have never had this problem or tried this, but here is a post in the tech. knowledge base:
PROBLEM
su command as non root user returns:
setgroups: Not owner
su: unable to initialize group access list.
RESOLUTION
/etc/passwd, /usr/bin/login, & /usr/bin/su are 755
Changed them to 4555 to get the suid bit set.
/etc/group is bin bin, should be root sys
Hope it helps...
Spoon!!!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-03-2001 08:23 AM
08-03-2001 08:23 AM
Solution
Hi Vinu,
The errors your are seeing of "setgroups: Not owner" are being seen because of incorrect permission for the /usr/bin/su and /usr/bin/login executables. Make sure /usr/bin/su and /usr/bin/login are owned by user "root" and group "bin" and permissions are -r-sr-xr-x (4555).
To change the permissions do a (as root)
chmod 4555 /usr/bin/su
chmod 4555 /usr/bin/login
-HTH
I am RU
The errors your are seeing of "setgroups: Not owner" are being seen because of incorrect permission for the /usr/bin/su and /usr/bin/login executables. Make sure /usr/bin/su and /usr/bin/login are owned by user "root" and group "bin" and permissions are -r-sr-xr-x (4555).
To change the permissions do a (as root)
chmod 4555 /usr/bin/su
chmod 4555 /usr/bin/login
-HTH
I am RU
They think they know but don't. At least I know I don't know - Socrates
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP