Okay, I have something weird happening. Just installed Mandrake 8.2, and started with two users. No matter what I do, I cannot log in as root from the login screen! I checked the password carefully many times, and it says it is an incorrect password. (Shadowed passwords on.)... The TRULY strange this is that if I log in as the normal user, and then use su, I CAN become root by typing in the EXACT SAME PASSWORD.

Has anyone else ever had this problem? I didn't have it with the same user/pass combot in Mandrake 8.1. It doesn't seem to matter what the root password is, after su-ing, I used passwd to change it, and the same weird inability to directly log in as root occured. Any ideas?

Wish I could help. i'm still using Mandrake 8.1. Let us know what happens or what you find out. I was going to upgrade. Now I'll wait to see what happens with this.

I'm not sure about Mandrake, but FreeBSD comes with a user named "toor" for a backup.
Have you checked to see if the root user has a valid shell?

I haven't yet had a chance to try out Mandrake 8.2. From what I've heard, there's still some bugs to be ironed out. Here's a related bug I know of.

Apparently, when you use 'adduser' to create a user (from the root account), it creates the user, but sets the file ownerships/groups of all the new user's files wrong. This means that the new user doesn't have permissions to access his own files! I had to manually log back in as root and reset the file permissions back to the user's name and group before the user started to work right. I don't know if this same problem exists from the 'create user' part of the install.

So it would seem that all is not right with the user/pass logins. Key an eye on the Mandrake Forum (http://www.mandrakeforum.com/article.php?sid=2007&lang=en). The issue you're having will probably come up soon :).

Just as a note, the default shell is /bin/bash, so it has a valid shell.

Mandrake sucks, but thats beside the point.

I can't remember the name of the file now, it is one of the files in /etc ( /etc/securtty or something). It allows you to define what terminals root can log into. Its normally a big long list of every terminal possible. It has been a while, so I am not sure if this is still valid. One of the things I used to do to secure a box, was eliminate every terminal except tty1. That way, you could not telnet into the machine and log in as root. You had to su. Well, if that file is missing (or empty), then it is possible that root login is disabled. Like I said, it has been a while, and I don't know if this is still valid.

Actually, the real question is, is this a bug, or a security feature? You can still su, so it isn't like root is gone...

(I dont know if it would make sense but I had trouble awhile back trying to login to my machine, except remotely.....I found out that there is a file called securetty or something like that i'm not to sure. And it was not allowing remote root logins SO what i'm trying to get to is that maybe) <- I was gonna say that but then i looked at soulemans post.. so ditto on that!

I agree with souleman. It is a preventative measure to lock out all options but tty1 for root. soule: /etc/securetty :P check that terr.

I also use the /etc/securetty file but you know whats so fun.....comment every thing but say tty6 and even if they have root or a username and password they cant login unless they know the terminal! :)
Terr have you tried killing the password and logging on with no password. Are you loging in on runlevel5 or 3?

This is definitely a result of /etc/securetty

I have everything but tty1 setup to do that, and I always log in on TTY1, so it's in use. :) It's only for when I'm too lazy to do an su - that I actually bother to log in on that TTY.

What they said about /etc/securetty is correct. Make sure there's a 'console' entry.

Okay okay already! :) Just tried, securetty was blank, added vc/1 through vc/6 and it worked fine. I guess I'll add "console" for thouroughness, and the TTYs... If I was to use Telnet or SSH in the future, which entries would I have to add? (I probably will never have to, my current DSL modem is unlikely to ever work with *nix.) Thanks.