RE: Blank password works for root

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In looking at my system-auth file, I have the line you are referencing (with likeauth nullok) but I don't have the problem you have; no password does not work for root on my system (or for any other userid, for that matter...) While taking that off may make your problem go away, I don't think it's the solution.... There's something else going on.

----
Robert P. Nix                            internet: nix.robert@xxxxxxxx
Mayo Clinic                                  phone: 507-284-0844
RO-CE-8-857                                page: 507-270-1182
200 First St. SW 
Rochester, MN 55905      
----   "Codito, Ergo Sum" 
"In theory, theory and practice are the same,
 but in practice, theory and practice are different."



> -----Original Message-----
> From:	Bill Beeman [SMTP:bbeeman@xxxxxxxxxxxxxxx]
> Sent:	Friday, January 09, 2004 12:03 AM
> To:	fedora-list@xxxxxxxxxx
> Subject:	RE: Blank password works for root
> 
>  -----Original Message-----
> > From: fedora-list-admin@xxxxxxxxxx
> > [mailto:fedora-list-admin@xxxxxxxxxx]On Behalf Of Frank Turscak
> > Sent: Thursday, January 08, 2004 9:23 PM
> > To: fedora-list@xxxxxxxxxx
> > Subject: Re: Blank password works for root
> >
> >
> > Bill Beeman wrote:
> >
> > >"Bevan C. Bennett" <bevan@xxxxxxxxxxxxxxxx> wrote in message
> > >news:3FFE03D5.5030505@xxxxxxxxxxxxxxxxxxx
> > >
> > >
> > >>Bill Beeman wrote:
> > >>
> > >>
> > >>>I just discovered that I can log into my FC1 box as root
> > with either the
> > >>>root password, or by simply leaving the password blank!
> > >>>
> > >>>Functions this way from a command line, or in a terminal
> > within either
> > >>>KDE or Gnome.
> > >>>
> > >>>
> > >>What exactly are you doing to 'log in'?
> > >>Is this with 'su' from an existing command line, from the system
> > >>console, or with a remote access program like ssh, telnet or rlogin?
> > >>
> > >>If possible, see if the behavior is consistant between
> > using su after
> > >>logging in as a non-root user, logging in on console, or
> > connecting with
> > >>ssh?
> > >>
> > >>The first place I'd look in this case is in /etc/pam.d/
> > >>See if there are any files named *.rpmnew and if so check out the
> > >>differences between them and the originals. Look especially
> > to see if
> > >>anything has pam_rootok.so listed, and where.
> > >>
> > >>
> > >
> > >This is consistent, whether from console, existing command
> > line, or ssh from
> > >elsewhere,
> > >and works whether logging in as root, or by su from another user.  In
> > >essence, no
> > >root security.
> > >
> > >I've run chkrootkit-0.43, which comes up clean.
> > >
> > >However, comparing /etc/pam.d/system-auth with
> > system-auth.rpmnew, I noticed
> > >the line
> > >
> > >auth       sufficient     /lib/security/$ISA/pam_unix.so
> > likeauth nullok
> > >
> > >in both. removing "likeauth nullok" seems to solve the
> > problem, but leaves
> > >the question of how it got that way.  System-auth notes that
> > it will be
> > >regenerated and user changes discarded when authconfig is
> > run.  I'll play
> > >with that a bit, but don't recall running that before.
> > Anyone have any ideas
> > >what may have generated this?
> > >
> > >Bill
> > >
> > >
> > >Run "man sudoers".  Seems to me something in the file
> > "/etc/sudoers" might have gone awry.
> > >
> > >
> > Frank
> >
> 
> In /etc/sudoers, the only uncommented line is:
> 
> root	ALL=(ALL)  ALL
> 
> which looks OK.  Running authconfig puts the "likeauth nullok" back into
> system-auth, which recreates the problem.  Looks like I need to put more
> time into the pam man pages.
> 
> Bill
> 
> 
> 
> -- 
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux