Root powerless?

Mike Eubanks mse_software at charter.net
Mon Nov 21 05:53:11 GMT 2005


On Sun, 2005-11-20 at 20:50 -0800, Brooke Landers wrote:
> >[root at schultz ~]# id
> >uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator)
> >
> >you should have uid=0
> 
> 
> hello Richard. thank you for the help. heres what i get
> 
> srv-0021# id
> uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator)
> 
> /etc/passwd and group look normal too. everything else is running ok.
> 
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"


I don't know if it will help, but you might try `su -' to get a full
root login.  There may be a difference in your environment.  Below is my
reasoning.

``su'' issued by unpriveleged user in group wheel:
[0] yak$ id
uid=1001(bouy) gid=0(wheel) groups=0(wheel)
[0] yak$ su
Password:
[0] yak# echo $USER   <==========  EUID unless target is root (0)
bouy                  <==========
[0] yak# id
uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator)
[0] yak# exit
exit

``su -'' issued by unpriveleged user in group wheel:
[0] yak$ su -
Password:
[0] yak# echo $USER   <==========  EUID unless target is root (0)
root                  <==========
[0] yak# id
uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator)
[0] yak# exit
logout
[0] yak$ man su

Note the difference in the USER environment variable. The following code
exists in the shutdown command, therefore the error appears to be that
of a non-zero EUID.

#ifndef DEBUG
        if (geteuid())
                errx(1, "NOT super-user");
#endif

  This makes sense considering a normal `su' does not change the EUID as
stated in the man page => "USER is set to the target login, unless the
target login has a user ID of 0, in which case it is unmodified."

Hope this helps

-- 
Mike Eubanks <mse_software at charter.net>


More information about the freebsd-questions mailing list