Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Users cannot su, lp or cron

226 views
Skip to first unread message

emi...@my-deja.com

unread,
Feb 29, 2000, 3:00:00 AM2/29/00
to
Hi, if someone can help me with this one.
AIX 4.1.4
All this started happening from one day to the other.

1) Users cannot su.
root's Password:
3004-501 Cannot su to "root" : Authentication is denied.
(The typed password is correct)

2) Users cannot use lp
/>lp
enq: (FATAL ERROR): 0781-167 Could not get process credentials. Errno
= 1.
enq: errno = 1: Operation not permitted.

3) Users cannot access their crons
/>crontab -e
crontab: 0481-166 The auditproc function failed with errno 1.
crontab: 0481-166 The auditproc function failed with errno 1.
crontab: 0481-109 You are not authorized to use the cron command.


HELP, please.

Sent via Deja.com http://www.deja.com/
Before you buy.

Bernard Chandler

unread,
Feb 29, 2000, 3:00:00 AM2/29/00
to
emi...@my-deja.com wrote:

some one used chmod -r and removed all your set group id's

hope you have a second machine to look at or a good back up.
This book will help immensely with the problem and correction.
I would type the relevant parts except it is at my house.
http://www.amazon.com/exec/obidos/ASIN/1565921488/webviator/002-7491712-0608224

chmod()
Miscellaneous mode bits:

4000 (= u=s) Set-user-id on file execution (file only)
2000 (= g=s) Set-group-id on file execution
1000 (= u=t) Set sticky bit; see chmod(2)

Permission mode bits:

chmod(1)
chmod(1)

0400 (= u=r) Read by owner
0200 (= u=w) Write by owner
0100 (= u=x) Execute (search in directory) by owner
0040 (= g=r) Read by group
0020 (= g=w) Write by group
0010 (= g=x) Execute/search by group
0004 (= o=r) Read by others
0002 (= o=w) Write by others
0001 (= o=x) Execute/search by others

--
Bernie Chandler
http://www.nationwide.net/~bernie

Norman Levin

unread,
Feb 29, 2000, 3:00:00 AM2/29/00
to
Looks like somebody removed SUID bit from these commands.
su should be owned by root and have permissions like:
---s--x--x root ... more stuff
although you will probably see
-r-sr-xr-x root
if "s" missing - that could do it.

emi...@my-deja.com wrote:
>
> Hi, if someone can help me with this one.
> AIX 4.1.4
> All this started happening from one day to the other.
>
> 1) Users cannot su.
> root's Password:
> 3004-501 Cannot su to "root" : Authentication is denied.
> (The typed password is correct)
>
> 2) Users cannot use lp
> />lp
> enq: (FATAL ERROR): 0781-167 Could not get process credentials. Errno
> = 1.
> enq: errno = 1: Operation not permitted.
>
> 3) Users cannot access their crons
> />crontab -e
> crontab: 0481-166 The auditproc function failed with errno 1.
> crontab: 0481-166 The auditproc function failed with errno 1.
> crontab: 0481-109 You are not authorized to use the cron command.
>
> HELP, please.
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.

--
Norman Levin

0 new messages