HPE Community
Operating System - HP-UX
1834448 Members
1919 Online
110067 Solutions
New Discussion

Re: Root user not able to login and ordinary users are able to log on

 
senthil_3
Frequent Advisor

‎07-17-2002 08:35 PM

‎07-17-2002 08:35 PM

Root user not able to login and ordinary users are able to log on

Hi,

in my HPUX, the Root users or users with root user id are not able to log on but other users are able to logon and work fine with the server.

only the super user has the problem..
can any one give suggessions what is the problem
0 Kudos
Reply
12 REPLIES 12
MANOJ SRIVASTAVA
Honored Contributor

‎07-17-2002 08:41 PM

‎07-17-2002 08:41 PM

Re: Root user not able to login and ordinary users are able to log on

what is the eroor it gives?

genrally if it ahs to do woth paswwd exprired or cnanot change passwd then all u ahve to do is to boot the machine in single user mode and set the root passwd ok . This is a genral soluiotn to a genral problem if u post as to what happens then may be I can help u more


Manoj Srivastava
0 Kudos
Reply
Michael Tully
Honored Contributor

‎07-17-2002 08:50 PM

‎07-17-2002 08:50 PM

Re: Root user not able to login and ordinary users are able to log on

If you have the existance of '/etc/securetty' and the word console in it, that may explain it.

Can you do 'su -' ??

Why would you have users other than root with a uid of 0 ??? This is a serious security problem... Why not set up 'sudo'

sudo can be found here:
http://hpux.connect.org.uk/hppd/hpux/Sysadmin/sudo-1.6.2b1/
Anyone for a Mutiny ?
0 Kudos
Reply
Misa
Frequent Advisor

‎07-17-2002 08:51 PM

‎07-17-2002 08:51 PM

Re: Root user not able to login and ordinary users are able to log on

I'm guessing that you can't telnet/rlogin as root. Without knowing more details, it sounds like the root user has been prevented from logging in via the /etc/securetty file.

If you want to turn this off, edit the /etc/securetty file ( become root, then:
vi /etc/securetty

). Remove the line/word that says "console". There is probably a knowledge database document that gives the instructions more clearly.

It's a good idea to prevent root from logging in directly, so you may not want to turn it off.

If this isn't it, my questions would be:
- what version of the OS ( run the "uname -a" command)
- is it a trusted system
- what is root's shell ( what does "grep root /etc/passwd" show)
- what is the exact error/symptom when root is "not able" to log in

--Misa
0 Kudos
Reply
senthil_3
Frequent Advisor

‎07-17-2002 09:03 PM

‎07-17-2002 09:03 PM

Re: Root user not able to login and ordinary users are able to log on

The problem is If u try log on from Login Prompt it says Login incorrect and If you try using "su - " then it says in correct password. but the password is correct.
0 Kudos
Reply
Michael Tully
Honored Contributor

‎07-17-2002 09:09 PM

‎07-17-2002 09:09 PM

Re: Root user not able to login and ordinary users are able to log on

If it says password is incorrect it could that it is. If you can't login at the console, you will have to boot the sytsem into single-user mode and change the password that way. This is one reason why the root account should not really be used directly and the danger is there that someone can change the password even by accident.

If you have your system as 'trusted' it could be that the account is locked.
Anyone for a Mutiny ?
0 Kudos
Reply
Misa
Frequent Advisor

‎07-17-2002 09:09 PM

‎07-17-2002 09:09 PM

Re: Root user not able to login and ordinary users are able to log on

Okay, this is really dumb, but if you can't su or telnet/rlogin/login, how do you know that it's the right password?

Ideas (no insult intended, just trying to be helpful):
- Someone else may have changed it
- Is your caps lock key on
- are you connecting to the right machine
- if you're on a modem, are your communications settings correct

Do you have any way of getting root access on the machine? If not, you may not be *able* to fix whatever's wrong, assuming it's on the host side. In that case, it may be "how do I recover my machine."

I don't know the netiquette of posting that type of info here, so I'll leave it for others to start.
0 Kudos
Reply
Misa
Frequent Advisor

‎07-17-2002 09:15 PM

‎07-17-2002 09:15 PM

Re: Root user not able to login and ordinary users are able to log on

Trying a locked-out root account on an 11.11 system, I get this message when telnetting or su'ing:

Account is disabled - see Account Administrator
0 Kudos
Reply
senthil_3
Frequent Advisor

‎07-17-2002 09:19 PM

‎07-17-2002 09:19 PM

Re: Root user not able to login and ordinary users are able to log on

Previous SysAdm. has created a Dynamic link file which allows me to login as a super user. Where i hv changed passwd for root and when trying says login incorrect or using su - says incorrect passwd


0 Kudos
Reply
Michael Tully
Honored Contributor

‎07-17-2002 09:29 PM

‎07-17-2002 09:29 PM

Re: Root user not able to login and ordinary users are able to log on

Looks like your toast.....

Suggest you schedule a time for a system reboot into single-user mode and change the password that way.
Anyone for a Mutiny ?
0 Kudos
Reply
Michael Tully
Honored Contributor

‎07-17-2002 09:32 PM

‎07-17-2002 09:32 PM

Re: Root user not able to login and ordinary users are able to log on

Looks like your toast.....

Suggest you schedule a time for a system reboot into single-user mode and change the password that way.
Anyone for a Mutiny ?
0 Kudos
Reply
Misa
Frequent Advisor

‎07-17-2002 09:49 PM

‎07-17-2002 09:49 PM

Re: Root user not able to login and ordinary users are able to log on

By "dynamic link," I'm assuming you mean he made a symbolic link to /sbin/sh and made it setuid root, or some such.

So I'm assuming that yes, you have some method of getting to be root.

When you changed the password, did you:

passwd

or did you:

passwd root

(I'm assuming you're not using NIS/NIS+/YP; correct if wrong.)

I'm too tired to go into all the reasons, sorry, but maybe you changed the wrong password. It might be worth trying "passwd root" if you didn't already. And if you did, then check to see if you're running NIS. The procedure is different if yes.
0 Kudos
Reply
doug hosking
Esteemed Contributor

‎07-20-2002 12:10 AM

‎07-20-2002 12:10 AM

Re: Root user not able to login and ordinary users are able to log on

I can only guess, since I don't know the
history of your system, the passwords
you have chosen, or how many other accounts
are in question here.

1) If you have # or @ characters in your
password, funny things will happen because
these are sometimes interpreted as line
editing characters. Different programs
interpret them in different ways. (This
goes back to the days when system consoles
tended to be hardcopy devices. A few
remnants of that persist in the code.)

2) If you have converted to/from trusted
mode AND have passwords longer than 8
characters, behavior can be unexpected.
If this is the case, try using only the
first 8 characters of the password. This
is a side effect of some capacity limits in
how passwords are internally stored and the
inability to convert from one form to another
in all cases without losing some data. In
standard mode, any characters after 8 don't
actually get stored in your passwd entry
and get ignored on input, so it APPEARS
that you have a long password even though
any characters after the first 8 are silently
ignored. This is standard UNIX behavior,
but not widely known.

I have no way of knowing whether something
like a site policy requires superusers to
have long passwords, etc. That could be
one reason why it only happens to superusers.



0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.