Linux-Noob Forums
su: incorrect password - Printable Version

+- Linux-Noob Forums (https://www.linux-noob.com/forums)
+-- Forum: Distro Noob (https://www.linux-noob.com/forums/forum-10.html)
+--- Forum: Fedora (https://www.linux-noob.com/forums/forum-94.html)
+--- Thread: su: incorrect password (/thread-3324.html)

su: incorrect password - klumpen - 2004-06-09


hi!

 

For some day ago i wrote chmod 777 * in my /bin folder (dont ask me why:P ), but now I cant switch users.

I just get the error message "su: incorrect password" all the time.

 

Anyone know how to fix this? :)

 

[klumpen@klumpen klumpen]$ su -

Password:

su: incorrect password

 

I can log into root tru one TTY.



su: incorrect password - z0ny - 2004-06-14


The problem is that "su" has to be suid in order to read from the shadow file of your system to verify the password you have given. By issuing "chmod 777 *" you deleted the suid bit (777 = 0777). You have to reset this bit by executing "chmod 4755 /bin/su". That should fix the problem. Anyways, "777" is never a very good idea...

 

z0ny



su: incorrect password - klumpen - 2004-06-14

ah, I see. Thankss :)


su: incorrect password - anyweb - 2004-08-11


interesting,

 

does the same principle apply to apache directories and files

 

i chmod 755 the dirs

 

and 644 the files

 

?



su: incorrect password - z0ny - 2004-08-15


What exactly do you mean?

 

z0ny



su: incorrect password - anyweb - 2004-08-15


i mean whats this about exactly and do i need to apply a similar principle to my apache permissions

 

Quote:The problem is that "su" has to be suid in order to read from the shadow file of your system to verify the password you have given. By issuing "chmod 777 *" you deleted the suid bit (777 = 0777). You have to reset this bit by executing "chmod 4755 /bin/su". That should fix the problem. Anyways, "777" is never a very good idea... 

z0ny
 

cheers

 

anyweb

 

oh and welcome back mate



su: incorrect password - z0ny - 2004-08-16


Well 'su' for example is a program that requires root privileges in order to verify the passwords. Normal users aren't allowed to view the (hashed) passwords of other users but those users are allowed to gain (root) access via 'su'. When they execute 'su' it runs under user permissions so it wouldn't have access to the passwords. And here comes the suid bit (4): it grants that binary (and only that file) access to things you normally can access as root only.

 

Apache doesn't need that. It would even be a security flaw to set the suid bit on apache binaries as exploits may elevate the privileges to root.

 

z0ny