Page 1 of 2

[Solved]no possible root with su

Posted: 02 Sep 2013, 14:55
by wsteven
Hi, posting here as with a brand new install I got the same thing.

I modified only :

Code: Select all

Option "DontVTSwitch"
and inittab to be able to log on a shell.

Code: Select all

root@porteus:~# su guest
guest@porteus:/root$ su root
Password:
su: Incorrect password
guest@porteus:/root$
Any idea why busybox's su can't access shadow/passwd?

Re: no possible root with su

Posted: 02 Sep 2013, 15:28
by fanthom

Re: no possible root with su

Posted: 03 Sep 2013, 07:01
by wsteven
In rootcopy, I only have my new inittab for shell access :

Code: Select all

#
# inittab	This file describes how the INIT process should set up
#		the system in a certain run-level.

# Default runlevel.
id:4:initdefault:

# System initialization.
si::sysinit:/etc/rc.d/rc.S

# Script to run when going multi user.
rc:2345:wait:/etc/rc.d/rc.M

# What to do at the "Three Finger Salute".
#ca::ctrlaltdel:/sbin/shutdown -t5 -r now

# Runlevel 0 halts the system.
l0:0:wait:/etc/rc.d/rc.0

# Runlevel 6 reboots the system.
l6:6:wait:/etc/rc.d/rc.6

# Standard console login:
c1::respawn:/sbin/agetty 38400 tty1 linux
#c2::respawn:/sbin/agetty 38400 tty2 linux

# Start /etc/rc.d/rc.4 to get into GUI:
x1:4:respawn:/etc/rc.d/rc.4

Re: no possible root with su

Posted: 03 Sep 2013, 17:41
by fanthom
In rootcopy, I only have my new inittab for shell access
ok but you must put your modified /etc/shadow into 003-settings.xzm module. for example you could use this line (replace original one) to login with 'toor' password:

Code: Select all

root:$1$MKy0eqPM$auerQwMpGYcqgBqVddkfO/:9804:0:::::

Re: no possible root with su

Posted: 04 Sep 2013, 14:43
by wsteven
But I don't have a modified shadow file...
Rewrote my root password in case, but no change, su stills tells me wrong password. Checked my shadow file on my kiosk and password is ok.

Can anyone try

Code: Select all

su - guest; su 


And tell me if he can get back to root?

Re: no possible root with su

Posted: 04 Sep 2013, 16:16
by fanthom
ok - i finally get what the issue is about :)
guest has no perms to use 'su'. in order for getting back to the root account you have to use 'exit' command or press 'ctrl+d'.

Re: no possible root with su

Posted: 05 Sep 2013, 08:03
by Geroldka
.... or you start as root AND installed "sudo module" the command visudo

Re: no possible root with su

Posted: 05 Sep 2013, 10:58
by wsteven
fanthom wrote:ok - i finally get what the issue is about :)
guest has no perms to use 'su'. in order for getting back to the root account you have to use 'exit' command or press 'ctrl+d'.
Hi,
yes, how can I give guest this right?

Re: no possible root with su

Posted: 05 Sep 2013, 11:06
by wsteven
Geroldka wrote:.... or you start as root AND installed "sudo module" the command visudo
I did already, but sudo hasn't got this right either

Re: no possible root with su

Posted: 05 Sep 2013, 11:12
by francois

Code: Select all

guest@porteus:/root/Downloads/scid_vs_pc-4.10$ exit
exit
root@porteus:~/Downloads/scid_vs_pc-4.10#

Re: no possible root with su

Posted: 05 Sep 2013, 11:27
by Geroldka
wsteven wrote:
Geroldka wrote:.... or you start as root AND installed "sudo module" the command visudo
I did already, but sudo hasn't got this right either
maybe you should read man sudo

have a look:

Code: Select all

root@porteus:~# su - guest
guest@porteus:~$ su -
Passwort: 
root@porteus:~# su - guest
guest@porteus:~$ su - root
Passwort: 
root@porteus:~# exit
Abgemeldet
guest@porteus:~$ exit
Abgemeldet
root@porteus:~# exit
Abgemeldet
guest@porteus:~$
it really works proper.
Changing user with su and without a name will "switch user" always to root.

Re: no possible root with su

Posted: 05 Sep 2013, 12:22
by wsteven
Hi, interesting!
Are you using Kiosk edition? As fantom said, su shouldn't have this right :%)

Re: no possible root with su

Posted: 05 Sep 2013, 14:27
by fanthom
how can I give guest this right?
guest should never get the right to use 'su' in kiosk. why? because there is no need for this and we are actually doing our best to prevent this.
i find that some people are trying to convert kiosk into something what it was never intended to be. sorry but i wont be supporting this.

moving thread to 'User's modifications to the Kiosk ISO' category. you can continue discussion here.

Re: no possible root with su

Posted: 06 Sep 2013, 07:45
by Geroldka
wsteven wrote:Hi, interesting!
Are you using Kiosk edition? As fantom said, su shouldn't have this right :%)
Holy sh**, da***, I am sorry.
No, I am not in the kiosk but in normal :-( My fault.

Re: no possible root with su

Posted: 06 Sep 2013, 11:11
by wsteven
Yes, obviously, people want different things, which may not be the same as you. That's why we use linux, because we can do whatever suits us.
What I do understand though is that you don't want to work on this case :)
My kiosks should have a shell, because admins should be able to access command line in case for example system didn't get an IP. Which happens quite often in my configuration, didn't get really why yet (maybe my virtual environment?). But I don't want guests to be able to get root access in case they managed to guess key combination to popup xterm.
Thanks anyway, I'll manage something ^^