su: Sorry

Shane Russell · ‎11-27-2006

Hi,

I am experiencing a strange problem with su.

When I connect to my HP-UX 11i server using Putty and run su here is the output I get:-

srussell@locutus:/home/srussell $ su -
su: Sorry

I also cannot run the ps command
srussell@locutus:/home/srussell $ ps
ps: don't know which terminal to select

However, if I connect using ReflectionXs I can su fine.

The root account is not locked
root@locutus:/etc/default # /usr/lbin/getprpw root
uid=0, bootpw=YES, audid=0, audflg=1, mintm=0, maxpwln=-1, exptm=30, lftm=0, spwchg=Fri Nov 17 11:35:53 2006, upwchg=Fri Nov 18 08:26:48 2005, acctexp=-1, llog=0, expwarn=5, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Mon Nov 27 13:54:13 2006, ulogint=Mon Nov 27 13:55:30 2006, sloginy=console, culogin=1, uloginy=-1, umaxlntr=-1, alock=NO, lockout=0000000

The TERM variable is different.

I have tried it with 3 accounts so it is not an account thing,

Any help greatly appreciated
regards,
Shane

Christian Tremblay · ‎11-27-2006

In Putty, go to connection -> data and check the terminal-type string entry.
mine is set to xterm and works fine.
You may also try vt100 which works in most cases.

Chris

Shane Russell · ‎11-27-2006

Thanks Chris,

I don't think it is a Putty config problem because I use Putty to manage our 30 other HP-UX servers and there is no problem with them

Any other ideas?
regards,
Shane

Ivan Krastev · ‎11-27-2006

One of the problems maybe if you have special characters in your password - such as #@.

Can you see for entries in syslog file ?

regards,
ivan

Ivan Krastev · ‎11-27-2006

One of the problems maybe if you have special characters in your password - such as #@.

regards,
ivan

Shane Russell · ‎11-27-2006

Thanks Ivan,

There are no special characters in either passwords,

Anyone any other ideas?

regards,
Shane

Ivan Krastev · ‎11-27-2006

What is your $TERM variable - "echo $TERM" . Try "export TERM=xterm" for example if its not present.

regards,
ivan

Shane Russell · ‎11-27-2006

Thanks Ivan

I tried that ...

srussell@locutus:/home/srussell $ su -
su: Sorry
srussell@locutus:/home/srussell $ echo $TERM
xterm
srussell@locutus:/home/srussell $ export TERM=vt100
srussell@locutus:/home/srussell $ echo $TERM
vt100
srussell@locutus:/home/srussell $ su -
su: Sorry
srussell@locutus:/home/srussell $ ps
ps: don't know which terminal to select
srussell@locutus:/home/srussell $

regards,
Shane

Ivan Krastev · ‎11-27-2006

Can you check for this patch - http://www4.itrc.hp.com/service/patch/patchDetail.do?patchid=PHCO_33267&sel={hpux:11.00,}&BC=main|search|

regards,
ivan

Christian Tremblay · ‎11-27-2006

There is a patch for a similar problem:
Do you have PHCO_30397 installed ?

Defect Description:
PHCO_30397:
( SR:8606310333 CR:JAGae73205 )
ps(1) uses file descriptors 0(STDIN),1(STDOUT) or
2(STDERR) to identify the major and minor device
numbers.This major & minor device numbers are used
as qualifiers to identify the processes to be displayed
when ps(1) is invoked without any option.The problem with
the above implementation is, if the STDIN, STDOUT and
STDERR are redirected then ps(1) will come out with an
error "ps: don't know which terminal to select". This is
because ps(1) could not determine the controlling terminal.
The problem can be reproduced as follows:

$ ps < /dev/null 1> /tmp/out 2> /tmp/err
$ echo $?
1
$ cat /tmp/out --- This does not give any output.
$ cat /tmp/err
ps: don't know which terminal to select

Resolution:
Now the controlling terminal is identified by obtaining the
major and minor device numbers from the process structure
of the current process.

Shane Russell · ‎11-27-2006

Thanks Chris & Ivan,

Neither of those patches are applied to my system. However, they are not applied to any of my HP-UX 11i systems.

I still think it is a global security setting because I am having the same problem with the following accounts:-

root@locutus:/root # /usr/lbin/getprpw srussell
uid=427, bootpw=NO, audid=21, audflg=1, mintm=-1, maxpwln=-1, exptm=-1, lftm=-1, spwchg=Mon Nov 27 13:40:45 2006, upwchg=Mon Nov 27 12:20:46 2006, acctexp=-1, llog=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Mon Nov 27 15:21:44 2006, ulogint=Mon Nov 27 13:39:54 2006, sloginy=pts/ta, culogin=-1, uloginy=console, umaxlntr=-1, alock=NO, lockout=0000000
root@locutus:/root # /usr/lbin/getprpw oracle
uid=101, bootpw=NO, audid=15, audflg=1, mintm=-1, maxpwln=-1, exptm=-1, lftm=-1, spwchg=Mon Nov 27 13:42:13 2006, upwchg=Wed Sep 13 11:21:21 2006, acctexp=-1, llog=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Mon Nov 27 15:27:30 2006, ulogint=Wed Sep 13 11:22:09 2006, sloginy=pts/ta, culogin=-1, uloginy=pts/ta, umaxlntr=-1, alock=NO, lockout=0000000
root@locutus:/root #
root@locutus:/root # /usr/lbin/getprpw gaussusr
uid=20015, bootpw=NO, audid=19, audflg=1, mintm=0, maxpwln=-1, exptm=0, lftm=0, spwchg=Tue Mar 15 13:59:24 2005, upwchg=-1, acctexp=-1, llog=-1, expwarn=0, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Mon Nov 27 13:59:35 2006, ulogint=Mon Nov 27 12:15:33 2006, sloginy=pts/ta, culogin=-1, uloginy=-1, umaxlntr=-1, alock=NO, lockout=0000000
root@locutus:/root #

Still awaiting inspiration

regards,
Shane

Coolmar · ‎11-30-2006

Is your system "trusted"? Could the root account be locked out?

Coolmar · ‎11-30-2006

Also, do you have sudo running on your system?

Shane Russell · ‎11-30-2006

Thanks Coolmar,

Yes, the system is trusted.

There is no sudo process running on any of my systems

regards,
Shane

Coolmar · ‎11-30-2006

Is the root account disabled/locked up by any chance?

Shane Russell · ‎11-30-2006

no ... read the chain above

Coolmar · ‎11-30-2006

Sorry...I should have read more closely rather than a quick scan.

How about the .profile? Is there anything in there that may be out of the ordinary?

Coolmar · ‎11-30-2006

Hi again Shane,

I found the following in the newsgroups, which is the same problem that you are having - however, it seems to suggest special characters in the password which you say is not your case. Is it possible though for you to su - within Reflections and change the password to something simple just to test?

http://groups.google.ca/group/comp.sys.hp.hpux/browse_thread/thread/240ccd3d3bcb6d0f/8c674dcda48d7cea?lnk=st&q=su%3A+sorry+and+hp-ux&rnum=2&hl=en#8c674dcda48d7cea

john korterman · ‎11-30-2006

Hi Shane,

does it work for any user at all? If no, then check /etc/profile - possibley compare it to one on a working system.

regards,
John K.

it would be nice if you always got a second chance

Shane Russell · ‎11-30-2006

Thanks guys.

Still no luck

Here is the setup of my system. I set the root password to passw0rd. Previous it was plann1ng

srussell@locutus:/home/srussell $ su -
su: Sorry
srussell@locutus:/home/srussell $ which su
/usr/bin/su
srussell@locutus:/home/srussell $ ll /usr/bin/su
-r-sr-xr-x 1 root bin 28672 Oct 4 2002 /usr/bin/su
srussell@locutus:/home/srussell $ grep srussell /etc/passwd
srussell:*:427:20:Shane Russell:/home/srussell:/usr/bin/sh
srussell@locutus:/home/srussell $ id
uid=427(srussell) gid=20(users)
srussell@locutus:/home/srussell $

srussell@locutus:/home/srussell $ echo $TERM
xterm
srussell@locutus:/home/srussell $ echo $SHELL
/usr/bin/sh
srussell@locutus:/home/srussell $ export TERM=vt100
srussell@locutus:/home/srussell $ echo $TERM
vt100
srussell@locutus:/home/srussell $ ps
ps: don't know which terminal to select
srussell@locutus:/home/srussell $ su -
su: Sorry
srussell@locutus:/home/srussell $

regards,
Shane

john korterman · ‎11-30-2006

Hi again Shane,

a long shot: /dev/tty or other device files may be damaged. Try executing

# insf -e

regards,
John K.

it would be nice if you always got a second chance

Shane Russell · ‎11-30-2006

Thanks John, but no, that did not solve it

V. Nyga · ‎11-30-2006

Hi,

what does 'echo $DISPLAY' says?

Can you give us the output of a working server, too, to compare?

Are you sure that ALL your servers are identically?
Neverthless I would try the recommended patch.

Volkmar

*** Say 'Thanks' with Kudos ***

Shane Russell · ‎11-30-2006

The DISPLAY variable is not needed because I am not have the problem in a Reflection X env. It is only when I use PUTTY.

Nevertheless, here is the DISPLAY from a working system (esattst4) and my problematic system (locutus)

srussell@esattst4:/home/srussell $ echo $DISPLAY
sh: DISPLAY: Parameter not set.
srussell@locutus:/home/srussell $ echo $DISPLAY
sh: DISPLAY: Parameter not set.

Also, patch PHCO_30397 is not installed on either system

regards,
Shane

V. Nyga · ‎11-30-2006

Hi again,

I mean: are your server identical in hardware and os? Are they cloned?

V.

*** Say 'Thanks' with Kudos ***

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

su: Sorry

su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry

Re: su: Sorry