su的时候报:could not open session
新建立的用户也不可以
用户可以直接登录,但是报uid错误。
[root@XiMenFront ~]# useradd -g users -d /home/xxx -u 520 xxx
[root@XiMenFront ~]# su - xxx
could not open session
网上一位朋友的文章
Support wrote:
> I'm using RH 9, I could not su to other users besides root. when I do "su"
>
> [root@server] # su - user1
> could not open session
>
> If I do this directly from console:
> id: user1
> passwd:
>
> id: could not find name for uesr ID 1001
> id: could not find name for uesr ID 1001
> [I have no name!@server user1]$
> does any know about it? please advise.
>
1) Study the error messages in
# cat /var/log/messages (and possibly in /var/log/secure)
2) /etc/passwd and /etc/shadow files are propably OK.
Anyway, check the lines.
# grep user1 /etc/passwd /etc/shadow
3) Check file permissions
# ls -ld /etc /etc/passwd /etc/shadow /etc/pam.d
drwxr-xr-x 103 root root 12288 Mar 15 10:04 /etc
drwxr-xr-x 2 root root 4096 Mar 15 10:05 /etc/pam.d
-rw-r--r-- 1 root root 2623 Mar 15 09:50 /etc/passwd
-rw------- 1 root root 1588 Mar 15 09:52 /etc/shadow
(just note: /etc/shadow should always be -r-r--r--)
4) Maybe there is something wrong in "/etc/pam.d/su" file ?
# cat /etc/pam.d/su (note: this machine is Fedora-2 test)
#%PAM-1.0
auth sufficient /lib/security/$ISA/pam_rootok.so
auth required /lib/security/$ISA/pam_stack.so service=system-auth
account required /lib/security/$ISA/pam_stack.so service=system-auth
password required /lib/security/$ISA/pam_stack.so service=system-auth
session required /lib/security/$ISA/pam_stack.so service=system-auth
session optional /lib/security/$ISA/pam_selinux.so multiple
session optional /lib/security/$ISA/pam_xauth.so
查看出错的服务器
vi /var/log/messages
Nov 15 18:01:51 XiMenFront su(pam_unix)[3303]: session opened for user informix by root(uid=0)
Nov 15 18:01:51 XiMenFront su[3303]: Warning! Could not relabel /dev/pts/2 with user_u:object_r:initrc_devpts_t,
not relabeling.Operation not permitted
执行操作
[root@XiMenFront ~]# ls -ld /etc /etc/passwd /etc/shadow /etc/pam.d
drwxr-xr-x 80 root root 12288 Nov 15 18:08 /etc
drwxr-xr-x 2 root root 4096 Nov 14 18:33 /etc/pam.d
-rw------- 1 root root 2180 Nov 15 18:08 /etc/passwd
-rw------- 1 root root 1435 Nov 15 18:08 /etc/shadow
发现权限不对,
[root@XiMenFront ~]# chmod go+r /etc/passwd
[root@XiMenFront ~]# ls -ld /etc /etc/passwd /etc/shadow /etc/pam.d
drwxr-xr-x 80 root root 12288 Nov 15 18:08 /etc
drwxr-xr-x 2 root root 4096 Nov 14 18:33 /etc/pam.d
-rw-r--r-- 1 root root 2180 Nov 15 18:08 /etc/passwd
-rw------- 1 root root 1435 Nov 15 18:08 /etc/shadow
执行权限后Ok
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/312079/viewspace-245524/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/312079/viewspace-245524/