Can't open systemprograms?! PAM configuration?!
Results 1 to 9 of 9

Thread: Can't open systemprograms?! PAM configuration?!

  1. #1
    Junior Member
    Join Date
    Jan 2004
    Posts
    5

    Can't open systemprograms?! PAM configuration?!

    Hi, guys!

    System: RH 9, Standalone

    Got a problem, recently I was able to logon as a user to Xwin and when I try to use a systemprogram like Accounts&Groups or RHN, a window that ask for root's password appeared and when I gave that it worked fine.

    Now I don't get this question!?! How to get it back?! When I try to use same program, with the same user, nothing happens! This user i also a member of the Wheelgroup....

    I have changed som settings in the PAM, but I don't know if it controlls this?! The user is able to su from console(outside and inside Xwin). But don't get the window for password in Xwin!


    Please help me out!

    /devvan

  2. #2
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    Did you select the remember root password [X] in kde ??
    that ****t it up for me once . . .

    you can allways login as root and start that stuff .. .
    that's an easier way..

    perhaps you disabled some Xforwarding option (wich is used to be able to run apps as root on a non root X)
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  3. #3
    Junior Member
    Join Date
    Jan 2004
    Posts
    5
    I'm running Gnome.. and don't want to be root to run this programs. There must be something that controlls this?!?

    As you said I've enabled this setting in /etc/pam.d/su:
    auth sufficient /lib/security/pam_wheel.so trust use_uid
    (then I didn't need any passwd to su to root) But I have changed it back to, but still don't get any rootpasswd-question!

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Did you reboot when you went to access this particular "run as" feature?

    You might want to look at the following AO Thread. I have a suspicion you are seeing the "feature" that RH says isn't a security vulnerability.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #5
    Junior Member
    Join Date
    Jan 2004
    Posts
    5
    Sorry I didn't explained this good:

    The user don't get this ROOT password question and the systemprogram DON'T start, that's the problem. I WANT this work as it did earlier... the user click on RHN and try update and then get a window that needs ROOT passwd to do this! Now nothing happens...

  6. #6
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Specifically RHN?

    How long ago did you last do this successfully? And have you checked RH's site for any updated versions?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  7. #7
    Junior Member
    Join Date
    Jan 2004
    Posts
    5
    It worked fine yesterday, but I've made a couple of security changes in PAM and set a couple of files immutable: passwd, shadow, group, gshadow. Also deleted some vendor account's: adm, games, gopher.

    I've got the most recent update from RHN.
    It isn't only RHN, it's all systemprograms, such as "User&groups", Etherdump, Traceroute..... When click to start one of these nothing happens. But "Terminal" and other basic program works fine with this User! The user is a member of the Wheel group.

    As VictorKaum wrote:
    "Redhat authentication tool with the key icon in the notify menu. (that displays the hour and stuff) the so called: Tray icons in Windows. Redhat made it possible to change something while not logged in as root in the graphical shell and becoming root. If you want to do something you need to be root for, RedHat asks for a password. If the correct password is given, RedHat creates the key icon in the tray so you don't need to type the password al the time."

    I need that tool back! Want to give root-passwd when starting a program that needs root-permissions! What is controlling this tool?! How to enable/disable this feature?!
    When logon with root this Icon is back on the notify menu. If i click on that it comes up "Keep authorization" or "Give up authorization".

    /devvan

  8. #8
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    What were the changes you did to PAM? and have you tried reverting the immutable files -- one at a time?

    I don't think the gopher or games accounts would be issues but the Group file might be as might removing the adm. (you did a back up of those files -- shadow and passwd before deleting right?)
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  9. #9
    Junior Member
    Join Date
    Jan 2004
    Posts
    5
    Ok, as you said I think it's a combination of the deleted adm-group and immutable group files.

    MsMittens: Thanx a lot for your answers!

    /Devvan

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •