HPE Community
Operating System - HP-UX
1833059 Members
2629 Online
110049 Solutions
New Discussion

Re: sudo help

 
SOLVED
Go to solution
Donny Jekels
Respected Contributor

‎04-17-2003 01:38 PM

‎04-17-2003 01:38 PM

sudo help

After I installed sudo 1.6.6 on a HP-UX 11.0 trusted system. I can't login as root from console.

It tells me roots password is incorrect.
this is not the case.

"Vision, is the art of seeing the invisible"
0 Kudos
Reply
12 REPLIES 12
John Dvorchak
Honored Contributor

‎04-17-2003 01:55 PM

‎04-17-2003 01:55 PM

Re: sudo help

Can you login as a normal user and su to root? Perhaps /etc/securetty got mangled?
If it has wheels or a skirt, you can't afford it.
0 Kudos
Reply
Michael Tully
Honored Contributor

‎04-17-2003 02:05 PM

‎04-17-2003 02:05 PM

Solution

Re: sudo help

Not sure what has happened. (hopefully you still have a root session)
You didn't change to trusted at the same time?

1) Remove /etc/securetty
2) run '/usr/lbin/modprpw -k root'
3) change the root password
4) reinstate /etc/securetty file with only 'console'
5) test as root from console
6) test as sudo 'command' from another session
7) su -
Anyone for a Mutiny ?
Reply
Donny Jekels
Respected Contributor

‎04-17-2003 02:06 PM

‎04-17-2003 02:06 PM

Re: sudo help

yes, I can. but even from the console
it fails.

when I log in from the console, it tells me incorrect password try again.

I can login as myself, tehn I use sudo su and I am in as root.
"Vision, is the art of seeing the invisible"
0 Kudos
Reply
Donny Jekels
Respected Contributor

‎04-17-2003 02:10 PM

‎04-17-2003 02:10 PM

Re: sudo help

I will give it a try.

thanx for the advise. is there anything that you know if sudo will affect this or cause this behavior?
"Vision, is the art of seeing the invisible"
0 Kudos
Reply
John Dvorchak
Honored Contributor

‎04-17-2003 02:10 PM

‎04-17-2003 02:10 PM

Re: sudo help

I am curious if you have an @ in the password? The ampersand (@) is a throw back to the days of tty's, real tty's and it means EOL, erase to end of line. It will work everywhere but on the console. If that is the case try changing the password to something without a @ in it and give it a try.
If it has wheels or a skirt, you can't afford it.
0 Kudos
Reply
John Dvorchak
Honored Contributor

‎04-17-2003 02:13 PM

‎04-17-2003 02:13 PM

Re: sudo help

Sorry I called the @ (at symbol) an ampersand. Must be having a senior moment.
If it has wheels or a skirt, you can't afford it.
0 Kudos
Reply
Donny Jekels
Respected Contributor

‎04-17-2003 02:22 PM

‎04-17-2003 02:22 PM

Re: sudo help

okay, can't get to datacenter. no I don't have webconsole. I will check on monday again. And try all your tricks. let me know if you think of anything else in the meanwhile. have a great weekend.
"Vision, is the art of seeing the invisible"
0 Kudos
Reply
Michael Tully
Honored Contributor

‎04-17-2003 02:23 PM

‎04-17-2003 02:23 PM

Re: sudo help

Donny,

I've used 'sudo' for years, never seen this. 'sudo' does not make any changes to either the trusted database (/tcb), password file etc. It uses the /etc/sudoers file as a reference point to who can do what, and utilises the users own password. It all presumes that 'root' has set it up.

Michael
Anyone for a Mutiny ?
0 Kudos
Reply
CCIL
Frequent Advisor

‎04-17-2003 02:28 PM

‎04-17-2003 02:28 PM

Re: sudo help

Try to reboot the system , in single user mode , then unconvert the system using the command tsconvert -r , & then change the runlevel to 3 . then check for the root login .

one more thing , whethere your root password is more than 8 charcters , if yes then key in only first eight characters of the root password

Amit Vichare
0 Kudos
Reply
Michael Tully
Honored Contributor

‎04-17-2003 02:37 PM

‎04-17-2003 02:37 PM

Re: sudo help

If this is a production server, beware that making your system un-trusted and then trusted again afterwards *will* reset all passwords and make users change their passwords at the next login attempt, unless the proper precautions are taken. Have a look at the 'modprpw/getprpw' man pages. (A good way to start a mutiny ...)
Anyone for a Mutiny ?
0 Kudos
Reply
Rick Garland
Honored Contributor

‎04-18-2003 09:51 AM

‎04-18-2003 09:51 AM

Re: sudo help

Is it possible that you came out of trusted for the sudo install then went back in to trusted?

If this is the case your passwds would have changed for all accts.
0 Kudos
Reply
Donny Jekels
Respected Contributor

‎04-19-2003 06:51 AM

‎04-19-2003 06:51 AM

Re: sudo help

turning into an interresting thread.

it was just conincidance that I installed sudo 1.6.6 on 2 servers that had problem with their root password.

As it tunred out it had nothing to do wiht sudo. Still investigating the root cause of this problem.

Have anyone experienced something similar, where root's password became 'corrupted/lost' and required a reset? as described by Michael Tully.

Does HP know of this issue, and what have they done about it? Is there a patch available to prevent this flaw?
"Vision, is the art of seeing the invisible"
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.