March 22nd, 2002, 07:26 AM
Mandrake 8.2: Root Login busted!
Okay, I have something weird happening. Just installed Mandrake 8.2, and started with two users. No matter what I do, I cannot log in as root from the login screen! I checked the password carefully many times, and it says it is an incorrect password. (Shadowed passwords on.)... The TRULY strange this is that if I log in as the normal user, and then use su, I CAN become root by typing in the EXACT SAME PASSWORD.
Has anyone else ever had this problem? I didn't have it with the same user/pass combot in Mandrake 8.1. It doesn't seem to matter what the root password is, after su-ing, I used passwd to change it, and the same weird inability to directly log in as root occured. Any ideas?
[HvC]Terr: L33T Technical Proficiency
March 22nd, 2002, 07:49 AM
Wish I could help. i'm still using Mandrake 8.1. Let us know what happens or what you find out. I was going to upgrade. Now I'll wait to see what happens with this.
The COOKIE TUX lives!!!!
Windows NT crashed,I am the Blue Screen of Death.
No one hears your screams.
March 22nd, 2002, 07:58 AM
I'm not sure about Mandrake, but FreeBSD comes with a user named "toor" for a backup.
Have you checked to see if the root user has a valid shell?
Speak softly and carry a big stick; you will go far. - Theodore Roosevelt
March 22nd, 2002, 08:27 AM
I haven't yet had a chance to try out Mandrake 8.2. From what I've heard, there's still some bugs to be ironed out. Here's a related bug I know of.
So it would seem that all is not right with the user/pass logins. Key an eye on the Mandrake Forum. The issue you're having will probably come up soon .
Apparently, when you use 'adduser' to create a user (from the root account), it creates the user, but sets the file ownerships/groups of all the new user's files wrong. This means that the new user doesn't have permissions to access his own files! I had to manually log back in as root and reset the file permissions back to the user's name and group before the user started to work right. I don't know if this same problem exists from the 'create user' part of the install.
OpenBSD - The proactively secure operating system.
March 22nd, 2002, 09:29 AM
Just as a note, the default shell is /bin/bash, so it has a valid shell.
[HvC]Terr: L33T Technical Proficiency
March 22nd, 2002, 03:02 PM
Mandrake sucks, but thats beside the point.
I can't remember the name of the file now, it is one of the files in /etc ( /etc/securtty or something). It allows you to define what terminals root can log into. Its normally a big long list of every terminal possible. It has been a while, so I am not sure if this is still valid. One of the things I used to do to secure a box, was eliminate every terminal except tty1. That way, you could not telnet into the machine and log in as root. You had to su. Well, if that file is missing (or empty), then it is possible that root login is disabled. Like I said, it has been a while, and I don't know if this is still valid.
Actually, the real question is, is this a bug, or a security feature? You can still su, so it isn't like root is gone...
\"Ignorance is bliss....
but only for your enemy\"
March 22nd, 2002, 03:32 PM
(I dont know if it would make sense but I had trouble awhile back trying to login to my machine, except remotely.....I found out that there is a file called securetty or something like that i'm not to sure. And it was not allowing remote root logins SO what i'm trying to get to is that maybe) <- I was gonna say that but then i looked at soulemans post.. so ditto on that!
A+ Cert. Computer Technician
March 22nd, 2002, 08:11 PM
I agree with souleman. It is a preventative measure to lock out all options but tty1 for root. soule: /etc/securetty :P check that terr.
Antionline in a nutshell
\"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"
Trust your Technolust
March 22nd, 2002, 08:35 PM
I also use the /etc/securetty file but you know whats so fun.....comment every thing but say tty6 and even if they have root or a username and password they cant login unless they know the terminal!
Terr have you tried killing the password and logging on with no password. Are you loging in on runlevel5 or 3?
March 22nd, 2002, 10:23 PM
This is definitely a result of /etc/securetty
I have everything but tty1 setup to do that, and I always log in on TTY1, so it's in use. It's only for when I'm too lazy to do an su - that I actually bother to log in on that TTY.
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?