On Fri, 25 Jan 2013 13:05:51 +0100, Ralf Mardorf wrote:
> The user can't become root using Xfce Terminal Emulator or by ttyv1 (Ctrl  
> + Alt + F2). This was possible before I switched the uid.
> Before the switch PPPoE was enabled automatically, now I have to do it  
> manually.
> $ su
> su: not running setuid
> $ ls -l `which su`
> -r-sr-xr-x  1 rocketmouse  wheel  16880 Dec 23 18:38 /usr/bin/su

Erm... that looks horribly wrong.

The permissions indicate that setuid is set, but the file
owner is wrong. For comparison:

-r-sr-xr-x  1 root  wheel  14604 2011-08-21 20:24:28 /usr/bin/su*

This program has to belong to root. It seems that your
attempt to reflect UID changes in the file permissions
exceeded the scope of this task: Programs of the OS
seem to be affected, which is definitely not good.

> $ ls -l /home/ | grep rocketmouse
> drwxr-xr-x  28 rocketmouse  rocketmouse     1536 Jan 25 12:17 rocketmouse

You can use ls -ld to omit the grep step. :-)

> $ id
> uid=1000(rocketmouse) gid=1000(rocketmouse)  
> groups=1000(rocketmouse),0(wheel)

Seems to be okay.

> Ctrl + Alt + F2 >
> '# ppp -ddial alice' does work
> '# find / -uid 1001 -exec chown 1000 '{}' \;' no messages
> '# find / -gid 1001 -exec chown :1000 '{}' \;' no messages
> > Ctrl + Alt + F9

I think you can now spot a possible mistake for the file owner
change I mentioned above: Only files inside /home should have
been in the initial scope, but somehow -uid 1001 has been
evaluated true for /usr/bin/su, even though I cannot imagine
what should have caused this.

Do you have other files in /usr or even /usr/local that do
belong to rocketmouse (uid == 1000 or 1001) now? That should
not have happened...

> Without success I again read some important messages of this thread in the  
> archive and googled regarding to the suid issue.

Some programs check by whom they are called or who they
belong to; if that's != root when it is _supposed_ to
be root, that can cause problems, especially when it's
not a simple x (execute), but s (setuid) program like
an X display manager.

> Any hints are welcome!

Check for defective permissions. In the worst case, update
your system from source or binary to fix permissions.
Maybe there's also an "mtree trick" to do it.

Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
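
Added example, not part of the original message: a read-only audit for the two checks raised above, listing setuid files that no longer belong to root and files under system directories that now belong to an ordinary uid. The function names and the directories in the usage comment are assumptions; uids 1000 and 1001 are the ones from the thread.

```shell
#!/bin/sh
# Added example: read-only ownership audit; it changes nothing on disk.
# Usage (as root, so every directory is readable):
#   sh audit-owner.sh /bin /sbin /usr/bin /usr/sbin /usr/local

# Print setuid regular files under the given directories whose owner
# is not the expected uid (first argument; 0 = root for system binaries).
setuid_not_owned_by() {
    want_uid=$1; shift
    find "$@" -xdev -type f -perm -4000 ! -uid "$want_uid" -print 2>/dev/null
}

# Print everything under the given directories that belongs to the
# given uid, e.g. an ordinary user's files that ended up inside /usr.
owned_by() {
    uid=$1; shift
    find "$@" -xdev -uid "$uid" -print 2>/dev/null
}

# Run the report only when directories are given on the command line.
if [ "$#" -gt 0 ]; then
    echo "setuid files not owned by root:"
    setuid_not_owned_by 0 "$@" | sed 's/^/  /'
    for u in 1000 1001; do      # the two uids from the thread
        echo "files owned by uid $u:"
        owned_by "$u" "$@" | sed 's/^/  /'
    done
fi
```

Any path printed in the first list is a setuid program that will fail the way su did here ("not running setuid") until its owner is restored to root.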