> Bevan C. Bennett wrote: > Subject: Re: Blank password works for root > > > Bill Beeman wrote: > > If anyone else has any ideas, I'm open: to recap, a null > password works > > for root on this machine, whether from the console, a ssh > session, or an > > X session. The same when attempting to su...either the > root password or > > a null password works. > > > > This is not the case with a normal user password. I've run > > chkrootkit-0.43, and it comes up clean. > > > > Ideas? > > To reiterate my working theory, I think your root user actually has a > null password, either in the system files or in a remote > authentication > store (like LDAP). > > The complete 'auth' contents of your system-auth, plus the root entry > from /etc/shadow (obfuscate is desired) would help our > debugging efforts. > Here's system-auth: #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_smb_auth.so use_first_pass nolocal auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so password required /lib/security/$ISA/pam_cracklib.so retry=3 type= password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok shadow password required /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_limits.so session required /lib/security/$ISA/pam_unix.so and the (obfuscated) root entry from /etc/shadow: root:xxxxxxxxxxx:12426:0:99999:7::: Hope this helps.. Bill
