Problem
on sh-demo, su not working. Display "incorrect password " even when the password is correct.
[jianli2@sh-demo ~]$ id
uid=500(jianli2) gid=500(jianli2) groups=500(jianli2)
[jianli2@sh-demo ~]$ su root
Password:
su: incorrect password
[jianli2@sh-demo ~]$
Solution
/bin/su should be set as SUID file but someone changed it. Need to change back as root:
chmod 4755 /bin/su
SUID (set uder id) and SGID (set group id). When set this for a file, will casue any person or process that runs the file to have access to system resources as though they are owner of the file.
SUID: chmod 4000 filename
SGID: chmod 2000 filename
This is a very dangerous action and Linux by default already removed the function of SUID & SUID on script file.
Detailed Step
(1) Find out the /bin/su file permerssion is changed
+ ls -lt /bin/su
-rwxr-xr-x 1 ecarter root 27052 2007-04-02 23:33 /bin/su
(2) As root, change back the permission for file
chmod 4755 /usr/bin/su
$ ls -lt /bin/su
-rwsr-xr-x 1 root root 27052 2007-04-02 23:33 /bin/su
Links
SUID SGID and fix-mode
Danger of SUID Shell Scripts
Tag
SUID SGID setuid set user id