Blank password works for root
Nix, Robert P.
Nix.Robert at mayo.edu
Fri Jan 9 19:21:06 UTC 2004
In looking at my system-auth file, I have the line you are referencing (with likeauth nullok) but I don't have the problem you have; no password does not work for root on my system (or for any other userid, for that matter...) While taking that off may make your problem go away, I don't think it's the solution.... There's something else going on.
----
Robert P. Nix internet: nix.robert at mayo.edu
Mayo Clinic phone: 507-284-0844
RO-CE-8-857 page: 507-270-1182
200 First St. SW
Rochester, MN 55905
---- "Codito, Ergo Sum"
"In theory, theory and practice are the same,
but in practice, theory and practice are different."
> -----Original Message-----
> From: Bill Beeman [SMTP:bbeeman at beemangroup.com]
> Sent: Friday, January 09, 2004 12:03 AM
> To: fedora-list at redhat.com
> Subject: RE: Blank password works for root
>
> -----Original Message-----
> > From: fedora-list-admin at redhat.com
> > [mailto:fedora-list-admin at redhat.com]On Behalf Of Frank Turscak
> > Sent: Thursday, January 08, 2004 9:23 PM
> > To: fedora-list at redhat.com
> > Subject: Re: Blank password works for root
> >
> >
> > Bill Beeman wrote:
> >
> > >"Bevan C. Bennett" <bevan at fulcrummicro.com> wrote in message
> > >news:3FFE03D5.5030505 at fulcrummicro.com...
> > >
> > >
> > >>Bill Beeman wrote:
> > >>
> > >>
> > >>>I just discovered that I can log into my FC1 box as root
> > with either the
> > >>>root password, or by simply leaving the password blank!
> > >>>
> > >>>Functions this way from a command line, or in a terminal
> > within either
> > >>>KDE or Gnome.
> > >>>
> > >>>
> > >>What exactly are you doing to 'log in'?
> > >>Is this with 'su' from an existing command line, from the system
> > >>console, or with a remote access program like ssh, telnet or rlogin?
> > >>
> > >>If possible, see if the behavior is consistant between
> > using su after
> > >>logging in as a non-root user, logging in on console, or
> > connecting with
> > >>ssh?
> > >>
> > >>The first place I'd look in this case is in /etc/pam.d/
> > >>See if there are any files named *.rpmnew and if so check out the
> > >>differences between them and the originals. Look especially
> > to see if
> > >>anything has pam_rootok.so listed, and where.
> > >>
> > >>
> > >
> > >This is consistent, whether from console, existing command
> > line, or ssh from
> > >elsewhere,
> > >and works whether logging in as root, or by su from another user. In
> > >essence, no
> > >root security.
> > >
> > >I've run chkrootkit-0.43, which comes up clean.
> > >
> > >However, comparing /etc/pam.d/system-auth with
> > system-auth.rpmnew, I noticed
> > >the line
> > >
> > >auth sufficient /lib/security/$ISA/pam_unix.so
> > likeauth nullok
> > >
> > >in both. removing "likeauth nullok" seems to solve the
> > problem, but leaves
> > >the question of how it got that way. System-auth notes that
> > it will be
> > >regenerated and user changes discarded when authconfig is
> > run. I'll play
> > >with that a bit, but don't recall running that before.
> > Anyone have any ideas
> > >what may have generated this?
> > >
> > >Bill
> > >
> > >
> > >Run "man sudoers". Seems to me something in the file
> > "/etc/sudoers" might have gone awry.
> > >
> > >
> > Frank
> >
>
> In /etc/sudoers, the only uncommented line is:
>
> root ALL=(ALL) ALL
>
> which looks OK. Running authconfig puts the "likeauth nullok" back into
> system-auth, which recreates the problem. Looks like I need to put more
> time into the pam man pages.
>
> Bill
>
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
More information about the fedora-list
mailing list