HPE Community
Operating System - HP-UX
1834817 Members
2627 Online
110070 Solutions
New Discussion

login

 
manu_5
Frequent Advisor

‎11-29-2002 03:31 AM

‎11-29-2002 03:31 AM

login

Hi,
when i telnet to my hp 11i system ..and give the log in as root..it says login incorrect..without asking for a password..it happens with every user..plus the same is happening at console also.any clues
0 Kudos
Reply
5 REPLIES 5
Armin Feller
Honored Contributor

‎11-29-2002 03:34 AM

‎11-29-2002 03:34 AM

Re: login

Hi,

if rlogin works fine, then execute the following commands to resolve the problem:

1. cd /etc

2. rm securetty

Medusa creates the securetty file. This file creates problems with ARPA services.

Regards,
Armin
0 Kudos
Reply
Ravi_8
Honored Contributor

‎11-29-2002 03:39 AM

‎11-29-2002 03:39 AM

Re: login

Hi,

in /etc/pam.conf check whether any login line is commented, if it is then uncomment that line
never give up
0 Kudos
Reply
Armin Feller
Honored Contributor

‎11-29-2002 03:44 AM

‎11-29-2002 03:44 AM

Re: login

Hi, I think Ravi is right ;-)

--- snip ---
PROBLEM
login(1) command immediately rejects any username.
passwd(1) command does not prompt for a password.

For example:


$ /usr/bin/login
login: root
Login incorrect
login: guest
Login incorrect
login: anyone
$

$ /usr/bin/passwd
$

There is nothing else observed failing on this generic system (i.e. - not a trusted system, no CDE, and no networking involved).
RESOLUTION
1) Verify /etc/pam.conf and /usr/lib/security/* files have correct permissions. Sample permissions are:
Note: The following files will not exist on all systems.


$ ls -l /etc/pam.conf
-r--r--r-- 1 root sys ... /etc/pam.conf

$ ls -l /usr/lib/security/*
-r-xr-xr-x 1 root bin ... /usr/lib/security/libpam_dce.1
-r-xr-xr-x 1 root sys ... /usr/lib/security/libpam_unix.1
-r-xr-xr-x 1 root sys ... /usr/lib/security/libpam_updbe.1

If /etc/pam.conf is corrupt, a fresh copy is available at /usr/newconfig/etc/pam.conf.
2) Test if /sbin/passwd also fails. For instance, as root:


# /usr/bin/passwd
# /sbin/passwd
Changing password for root
New password:
Re-enter new password:
#

If /sbin/passwd works and /usr/bin/passwd fails, then there is likely a problem with a shared library.
The major difference between /sbin versus /usr/bin executables is how they were compiled. The /sbin executables were compiled statically with archive libraries, so they need no additional files. The /usr/bin/ executables generally were compiled dynamically with shared libraries, so they do need additional files. chatr(1) is used to change or display the internal attributes of an executable. For example:


$ chatr /usr/bin/passwd
/usr/bin/passwd:
shared executable
shared library dynamic path search:
SHLIB_PATH disabled second
embedded path disabled first Not Defined
shared library list:
dynamic /usr/lib/libpam.1
dynamic /usr/lib/libsec.2
dynamic /usr/lib/libm.2
dynamic /usr/lib/libnsl.1
dynamic /usr/lib/librpcsvc.1
dynamic /usr/lib/libc.2
shared library binding:
deferred
global hash table disabled
plabel caching disabled
shared vtable support disabled
static branch prediction disabled
:

$ chatr /sbin/passwd
/sbin/passwd:
shared executable
static branch prediction disabled
:

Note: This above example was from an 11.00 HP-UX system. On a 10.X system, `chatr /usr/bin/passwd` displayed a shared library list of:

shared library list:
dynamic /usr/lib/libsec.1
dynamic /usr/lib/libc.1

To resolve this issue, get a list of the shared libraries that /usr/bin/login is using. For example:

$ chatr /usr/bin/login
/usr/bin/login:
:
shared library list:
dynamic /usr/lib/libpam.1
dynamic /usr/lib/libsec.2
dynamic /usr/lib/libnsl.1
dynamic /usr/lib/libc.2
:

and verify these are not corrupt by comparing them against shared libraries from a known working system.
If no other problems are observed on the system, it likely not a libc issue, as many commands use the libc library. Replacing one of these libraries with a valid library may resolve the problem. Old superseded libraries may be available in one of the subdirectories below the /var/adm/sw/save (or /var/adm/sw/patch for 10.X) directory.

Corruption may have occurred due to swinstall(1) exiting prematurely during installation of patches, patches may have been installed without their corresponding dependent patches, or other possiblities.

--- snap ---

Regards,
Armin
0 Kudos
Reply
manu_5
Frequent Advisor

‎11-29-2002 03:45 AM

‎11-29-2002 03:45 AM

Re: login

i cannot do rlogin also.
0 Kudos
Reply
Oleg Zieaev_1
Regular Advisor

‎11-29-2002 10:26 AM

‎11-29-2002 10:26 AM

Re: login

Hello

If you can not get onto your system from any console, TOC the box, boot to single user mode and check your files starting with /etc/passwd.
All chatr checks also good idea.

Hope this helps,
0leg
Professionals will prevail ...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.