public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-user] KDE and permissions problems
@ 2012-03-17 10:19 Dale
  2012-03-17 13:11 ` pk
  0 siblings, 1 reply; 7+ messages in thread
From: Dale @ 2012-03-17 10:19 UTC (permalink / raw
  To: gentoo-user

Howdy,

This is sort of weird.  I upgraded my kernel to gentoo's 3.2.9.  When I
rebooted, I noticed some odd issues with permissions.  When I try to log
into Konsole or some other root access program, I get something like this:

The program 'su' could not be found.
Ensure your PATH is set correctly.

or

Permission denied.
Possibly incorrect password, please try again.
On some systems, you need to be in a special group (often: wheel) to use
this program.

This is also really odd permissions:

-rws--x--x  1 root root   36680 Mar 16 23:36 su
-rws--x--x  1 root root   52416 Mar 16 23:19 umount
-rws--x--x  1 root root   42592 Mar 16 23:36 passwd

There are a few others but you get the idea of my problem here.
Somehow, the permissions seem to be off a bit.  I have re-emerged the
packages that own these files, no change.  I have googled but only found
old issues with this.

I have not changed or even touched fstab in a good long while.  I have
not added or changed permissions regarding my user either.  It seems
some update has caused this but if re-emerging the package doesn't fix
it, then what?  I am in the wheel group.  I'm also in the tty group.

I rebooted to my previous kernel, thought maybe it was a config issue or
something, no change.  This was working a few days ago.

Also, when I am in a console, I can log in as a user but can't su - to
root.  I can log in as root directly tho tho.  So switching from user to
root using su is out even in console.

I have a new unbooted install on a separate drive, it has the same odd
permissions on it.

Anyone else seeing this?  Any ideas on how to fix it?

Thanks.

Dale

:-)  :-)

-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-user] KDE and permissions problems
  2012-03-17 10:19 [gentoo-user] KDE and permissions problems Dale
@ 2012-03-17 13:11 ` pk
  2012-03-18  2:47   ` Dale
  2012-03-18  3:11   ` Bruce Hill, Jr.
  0 siblings, 2 replies; 7+ messages in thread
From: pk @ 2012-03-17 13:11 UTC (permalink / raw
  To: gentoo-user

On 2012-03-17 11:19, Dale wrote:

> The program 'su' could not be found.
> Ensure your PATH is set correctly.

What does 'echo $PATH' give you? /bin should be in your path (that's
where 'su' is located, or should be)... My $PATH looks like this:
/usr/local/bin:/usr/bin:/bin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/games/bin

I don't know if this is the case but maybe, you're using some of the
new-fangled screw up'ed tools like, dracut, systemd etc. that wants to
move everything into /usr (on the same partition as /) and as such
changes your $PATH accordingly (without checking perhaps - which would
be consistent with the arrogance of the coders).

> -rws--x--x  1 root root   36680 Mar 16 23:36 su
> -rws--x--x  1 root root   52416 Mar 16 23:19 umount
> -rws--x--x  1 root root   42592 Mar 16 23:36 passwd

The 's' part is for the SetUID bit which gives the root-owned command in
question root privileges, in order to switch user... See:
http://blog.superuser.com/2011/04/22/linux-permissions-demystified/

(esp. the "Getting sticky!" chapter).

That's not all though...:

> it, then what?  I am in the wheel group.  I'm also in the tty group.

Check your /etc/pam.d/su file... it should contain (at least) this line:
auth       required     pam_wheel.so use_uid

That's what gives you permission to use 'su' as a member of the 'wheel'
group ('su' is controlled by 'pam').

Best regards

Peter K



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-user] KDE and permissions problems
  2012-03-17 13:11 ` pk
@ 2012-03-18  2:47   ` Dale
  2012-03-18  8:24     ` Dale
  2012-03-18  3:11   ` Bruce Hill, Jr.
  1 sibling, 1 reply; 7+ messages in thread
From: Dale @ 2012-03-18  2:47 UTC (permalink / raw
  To: gentoo-user

pk wrote:
> On 2012-03-17 11:19, Dale wrote:
> 
>> The program 'su' could not be found.
>> Ensure your PATH is set correctly.
> 
> What does 'echo $PATH' give you? /bin should be in your path (that's
> where 'su' is located, or should be)... My $PATH looks like this:
> /usr/local/bin:/usr/bin:/bin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/games/bin


I went to a console, the only place I can log in, and I got nothing for
my paths.  It is empty.


> 
> I don't know if this is the case but maybe, you're using some of the
> new-fangled screw up'ed tools like, dracut, systemd etc. that wants to
> move everything into /usr (on the same partition as /) and as such
> changes your $PATH accordingly (without checking perhaps - which would
> be consistent with the arrogance of the coders).
> 
>> -rws--x--x  1 root root   36680 Mar 16 23:36 su
>> -rws--x--x  1 root root   52416 Mar 16 23:19 umount
>> -rws--x--x  1 root root   42592 Mar 16 23:36 passwd
> 
> The 's' part is for the SetUID bit which gives the root-owned command in
> question root privileges, in order to switch user... See:
> http://blog.superuser.com/2011/04/22/linux-permissions-demystified/

I am using the dracut thingy to boot with.  I hope that thingy has not
screwed up my system.  :-@


> 
> (esp. the "Getting sticky!" chapter).
> 
> That's not all though...:
> 
>> it, then what?  I am in the wheel group.  I'm also in the tty group.
> 
> Check your /etc/pam.d/su file... it should contain (at least) this line:
> auth       required     pam_wheel.so use_uid
> 
> That's what gives you permission to use 'su' as a member of the 'wheel'
> group ('su' is controlled by 'pam').
> 
> Best regards
> 
> Peter K
> 
> 

I do have that line in there.  There are a few others too so I guess it
is normal.

I'm going to check out that linky.

Dale

:-)  :-)


-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-user] KDE and permissions problems
  2012-03-17 13:11 ` pk
  2012-03-18  2:47   ` Dale
@ 2012-03-18  3:11   ` Bruce Hill, Jr.
  2012-03-18 10:22     ` pk
  1 sibling, 1 reply; 7+ messages in thread
From: Bruce Hill, Jr. @ 2012-03-18  3:11 UTC (permalink / raw
  To: gentoo-user




On March 17, 2012 at 9:11 AM pk <peterk2@coolmail.se> wrote:

> That's what gives you permission to use 'su' as a member of the 'wheel'
> group ('su' is controlled by 'pam').
>
> Best regards
>
> Peter K
>


Am I eternally confused?

su - change user ID or become superuser

It's not _only_ to become root (maybe theoretically if you only have one
normal user). On a true multiuser system you can su (switch user) to any
user.

Since _every_ computer I own or have _ever_ built has -pam globally, pam is
not a requirement to use su ... is it?

mingdao@t420 ~ $ grep pam /etc/make.conf
     truetype udev unicode unicode3 vaapi vim-syntax x264 -consolekit -pam"
mingdao@t420 ~ $ id
uid=1000(mingdao) gid=1000(mingdao)
groups=1000(mingdao),7(lp),10(wheel),16(cron),18(audio),19(cdrom),27(video),80(cdrw),85(usb),100(users),250(portage)
--
Happy Penguin Computers    >`)
126 Fenco Drive            ( \
Tupelo, MS 38801            ^^
662-269-2706; 662-491-8613
support at happypenguincomputers dot com
http://www.happypenguincomputers.com



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-user] KDE and permissions problems
  2012-03-18  2:47   ` Dale
@ 2012-03-18  8:24     ` Dale
  0 siblings, 0 replies; 7+ messages in thread
From: Dale @ 2012-03-18  8:24 UTC (permalink / raw
  To: gentoo-user



Here's a update on this mess.  I resynced and did the updates.  One of
the packages was shadow.  There was some others that I don't think is
related.  So, after that it worked.  I had booted WITH NO init thingy.
So, after making sure it was working and I was sane again, I rebooted
WITH the init thingy.  It failed every time.  Think it was a fluke huh?
 I rebooted WITHOUT the init thingy, works like a champ with no issues
at all.  It does so every time.

As most know, I'm not a init thingy expert but could someone explain to
me why it works when I boot without the init thingy but fails with it?
I used dracut to build it.

Also, I boot the exact same kernel each time.  I don't mean the same
version, I mean the EXACT SAME FILE.  I just remove the init line from
grub so that it doesn't load the init thingy.

Why is this happening?  Any ideas?  Bug maybe?

Dale

:-)  :-)


-- 
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-user] KDE and permissions problems
  2012-03-18  3:11   ` Bruce Hill, Jr.
@ 2012-03-18 10:22     ` pk
  2012-03-18 12:56       ` Bruce Hill, Jr.
  0 siblings, 1 reply; 7+ messages in thread
From: pk @ 2012-03-18 10:22 UTC (permalink / raw
  To: gentoo-user

On 2012-03-18 04:11, Bruce Hill, Jr. wrote:

> Am I eternally confused?

I have no idea... besides, eternity is a long time... ;-)

> su - change user ID or become superuser
> 
> It's not _only_ to become root (maybe theoretically if you only have one
> normal user). On a true multiuser system you can su (switch user) to any
> user.

Yes, correct. Sorry if this was implied; I only talked about Dales
specific problem...

> Since _every_ computer I own or have _ever_ built has -pam globally, pam is
> not a requirement to use su ... is it?

Nope. Again, I was only trying to help Dale... If su is owned by
'root.root' (user.group) I assumed that it's execution was controlled by
something else since it otherwise should be owned by 'root.wheel'
(unless you're part of the 'root' group, which I don't think is
recommended). If you're not running pam then I assume your 'su' is owned
by 'root.wheel'?

Best regards

Peter K



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [gentoo-user] KDE and permissions problems
  2012-03-18 10:22     ` pk
@ 2012-03-18 12:56       ` Bruce Hill, Jr.
  0 siblings, 0 replies; 7+ messages in thread
From: Bruce Hill, Jr. @ 2012-03-18 12:56 UTC (permalink / raw
  To: gentoo-user




On March 18, 2012 at 6:22 AM pk <peterk2@coolmail.se> wrote:

> On 2012-03-18 04:11, Bruce Hill, Jr. wrote:
>
> > Am I eternally confused?
>
> I have no idea... besides, eternity is a long time... ;-)
>
> > su - change user ID or become superuser
> >
> > It's not _only_ to become root (maybe theoretically if you only have
one
> > normal user). On a true multiuser system you can su (switch user) to
any
> > user.
>
> Yes, correct. Sorry if this was implied; I only talked about Dales
> specific problem...
>
> > Since _every_ computer I own or have _ever_ built has -pam globally,
pam is
> > not a requirement to use su ... is it?
>
> Nope. Again, I was only trying to help Dale... If su is owned by
> 'root.root' (user.group) I assumed that it's execution was controlled by
> something else since it otherwise should be owned by 'root.wheel'
> (unless you're part of the 'root' group, which I don't think is
> recommended). If you're not running pam then I assume your 'su' is owned
> by 'root.wheel'?
> Best regards
>
> Peter K
>


The ownership is not changed, with user(s) where it's necessary (never on
servers) in the wheel group.

mingdao@t420 ~ $ ls -l /bin/su
-rws--x--x 1 root root 53440 Oct  7 07:00 /bin/su
mingdao@t420 ~ $ ls -l /usr/bin/sudo
---s--x--x 2 root root 71144 Feb 22 06:34 /usr/bin/sudo

# less /etc/sudoers
<snip>
## Same thing without a password
  %wheel ALL=(ALL) NOPASSWD: ALL
<snip>

mingdao@t420 ~ $ id uid=1000(mingdao) gid=1000(mingdao)
groups=1000(mingdao),7(lp),10(wheel),16(cron),18(audio),19(cdrom),27(video),80(cdrw),85(usb),100(users),250(portage)

The 'stuff' happens when you issue "visudo" and edit the above file. I've
never studied this on Gentoo, but also have:
-rwxr-xr-x 1 root root 180696 Feb 22 06:34 /usr/lib64/sudo/sudoers.so

Meh ... too much to learn for an old dog like me.
--
Happy Penguin Computers    >`)
126 Fenco Drive            ( \
Tupelo, MS 38801            ^^
662-269-2706; 662-491-8613
support at happypenguincomputers dot com
http://www.happypenguincomputers.com



^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2012-03-18 12:58 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-03-17 10:19 [gentoo-user] KDE and permissions problems Dale
2012-03-17 13:11 ` pk
2012-03-18  2:47   ` Dale
2012-03-18  8:24     ` Dale
2012-03-18  3:11   ` Bruce Hill, Jr.
2012-03-18 10:22     ` pk
2012-03-18 12:56       ` Bruce Hill, Jr.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox