WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: local root login  (Read 57043 times)

Offline aas202

  • Newbie
  • *
  • Posts: 8
local root login
« on: November 22, 2010, 12:07:56 AM »
Hi,

I'm trying to login as root but get "Invalid login" error.
I've added noautologin to the kernel line and now promted to enter a user name everytime I login. user 'tc' is all right, but 'root' causes the error above. Hovewer if I log in as tc and then do "su" I can login as root with the password.

here is my inittab:

ttyS0::respawn:/sbin/getty 38400 ttyS0

Do you have any solution for this?

thank you in advance
« Last Edit: November 22, 2010, 12:26:59 AM by aas202 »

Offline maro

  • Hero Member
  • *****
  • Posts: 1228
Re: local root login
« Reply #1 on: November 22, 2010, 12:45:03 AM »
aas202: AFAIK the 'root' user does not come with a pre-defined password. At least not anymore, IIRC it used to be the password 'root' for older versions up to (and including) TC 3.0.

So you first have to allow for at least one "default" startup so that you get to a shell as user 'tc'. Then set the 'root' password (e.g. as user 'tc' via sudo passwd). It might be worth to test a login as 'root' straight away (but not to re-boot first).

You have to ensure that the change to '/etc/shadow' "survives" the next re-boot by adding it to the backup "white-list" (e.g. via echo 'etc/shadow' >> /opt/.filetool.lst, and then executing a backup (e.g. via filetool.sh -b).

That should be it. If it's not working with those steps you better check in your backup file that it really contains the correct version of the 'shadow' file. I don't think that a customised version of '/etc/inittab' makes any difference in this matter.

Offline aas202

  • Newbie
  • *
  • Posts: 8
Re: local root login
« Reply #2 on: November 22, 2010, 12:49:04 AM »
Hi

Thanks for reply.

Yes, I created a new password for the root and added /etc/shadow to my backup.
It all works because I can do 'su' and login as root with my password from a user shell. The problem is that I cant login as root during the system startup.

And the problem is not a password I guess, bcoz it doesnt even ask me about the password throwing "incorrent login" after I enter 'root' as a login
« Last Edit: November 22, 2010, 12:50:51 AM by aas202 »

Offline maro

  • Hero Member
  • *****
  • Posts: 1228
Re: local root login
« Reply #3 on: November 22, 2010, 01:05:38 AM »
The 'su' from user 'tc' is no proof in my view as you've got according to the default setup pretty much no restrictions in that regard (see sudo grep tc /etc/sudoers). So what do you really get on your system with sudo grep root /etc/shadow | cut -d : -f 2 ?? If the result is '*' your 'root' password is still undefined.

BTW, I hope you did not add '/etc/shadow' but 'etc/shadow' to the "white-list" (notice the missing leading forward slash).

Offline aas202

  • Newbie
  • *
  • Posts: 8
Re: local root login
« Reply #4 on: November 22, 2010, 01:20:06 AM »
BTW, I hope you did not add '/etc/shadow' but 'etc/shadow' to the "white-list" (notice the missing leading forward slash).

yes sure it is etc/shadow

So what do you really get on your system with sudo grep root /etc/shadow | cut -d : -f 2 ?? If the result is '*' your 'root' password is still undefined.

I get the password $1$K/Gdq3hU$o4DFiTQZUjC5VPAjw0bWh4

Offline SvOlli

  • Full Member
  • ***
  • Posts: 193
  • Linux Developer
Re: local root login
« Reply #5 on: November 22, 2010, 02:29:05 AM »
Also note that root login is disabled and you'll get logged in as the user TC if the file /etc/sysconfig/superuser it missing.

Offline maro

  • Hero Member
  • *****
  • Posts: 1228
Re: local root login
« Reply #6 on: November 22, 2010, 03:11:21 AM »
OK I think I've now been able to reproduce your issue: At the login I'm getting 'Login incorrect' (when trying to login as 'root'). I'm not even getting asked for a password.

What I did not fully "see" the first time around was the fact that you changed the terminal from 'tty1' to 'ttyS0' (the green background of that line made it not particular easy to read in my browser).

For this test I created myself a new initrd that (apart from a changed '/etc/shadow') also contained your entry instead of the 'tty1::...' one in '/etc/inittab'. Using this in a QEMU VM I could only login (on the emulated serial terminal) as user 'tc'.

After a bit of digging around in the source of the BusyBox 'login' applet I stumbled over the following:
Code: [Select]
    if (pw->pw_uid == 0 && !check_securetty())
        goto auth_failed;
Clearly I had not thought about the possibility that the terminal (i.e. 'ttyS0' in your case) could be dis-allowed by a missing entry in '/etc/securetty'. As it turns out the 'ttyS0' is indeed commented out for TC. I don't know why that is the case, but it can be easily changed.

So a further test (where I used sudo sed -i '/ttyS0$/s/^# *//' etc/securetty to change the content of the initrd) confirmed that to be the "culprit". Mind you when one now does login as 'root' the "standard" '/root/.profile' kicks in and one ends up again in a shell of user 'tc'. But I assume you are anyway building quite a non-standard TC system, so you would have considered to change that as well.

BTW I guess all those changes are better done by remastering of the initrd as most of these files are required pretty early in the "startup game", and the restoration of changed files from the backup is likely to be too late for most of them.

Note: I hope that your explanation "here is my inittab" is not to be taken that there is nothing else in your '/etc/inittab'. I actually also tried that scenario, and it would mean that '/etc/init.d/rcS' does not get executed. So one ends up with a fairly non-TC system. It still allows you to login, but so much more is missing, I assume you would have mentioned that as well.

Offline aas202

  • Newbie
  • *
  • Posts: 8
Re: local root login
« Reply #7 on: November 22, 2010, 04:38:06 PM »
Hi,

Yeeep, that is solved. I'm fool.

The file /etc/securetty comes with self explained header "# /etc/securetty: List of terminals on which root is allowed to login."

And the content is as follows

# For people with serial port consoles
#ttyS0

# Standard consoles
tty1
tty2
tty3
tty4
tty5
tty6
tty7


I just need to uncomment one line. My problem is solved now. Thank you for help.

Offline aas202

  • Newbie
  • *
  • Posts: 8
Re: local root login
« Reply #8 on: November 22, 2010, 05:20:36 PM »
But ... another odd thing is happenning now

Micro Core Linux
localhost login: root
Password:


Micro Core Linux
localhost login: root
Password:

root@localhost:~#


As in example above I need to enter my credentials twice to login.

Offline maro

  • Hero Member
  • *****
  • Posts: 1228
Re: local root login
« Reply #9 on: November 22, 2010, 05:37:20 PM »
What have you done about '/root/.profile'? As I had already mentioned in reply #6 the "standard" 'profile' is unlikely to suit your situation.

Also what is the process tree for this 'root' login shell? Due to the limitation of the BusyBox 'ps' I suggest to use ps -o 'pid,ppid,user,tty,args' to work out the "parental relationships" (or install the 'procps.tcz' extension and use ps -efH).

Offline aas202

  • Newbie
  • *
  • Posts: 8
Re: local root login
« Reply #10 on: November 22, 2010, 05:56:29 PM »
Hi

What I did when tested this, I changed /etc/sysconfig/tcuser entry to 'root', but my system freezes every login now, so I guess that was not right way of doing things.

The process tree is
 
root@localhost:~# ps -o 'pid,ppid,user,tty,args'
PID   PPID  USER     TT     COMMAND
    1     0 root     ?      init
    2     0 root     ?      [kthreadd]
    3     2 root     ?      [migration/0]
    4     2 root     ?      [ksoftirqd/0]
    5     2 root     ?      [events/0]
    6     2 root     ?      [khelper]
    7     2 root     ?      [async/mgr]
    8     2 root     ?      [pm]
    9     2 root     ?      [sync_supers]
   10     2 root     ?      [bdi-default]
   11     2 root     ?      [kblockd/0]
   12     2 root     ?      [kacpid]
   13     2 root     ?      [kacpi_notify]
   14     2 root     ?      [kacpi_hotplug]
   15     2 root     ?      [ata/0]
   16     2 root     ?      [ata_aux]
   17     2 root     ?      [ksuspend_usbd]
   18     2 root     ?      [khubd]
   19     2 root     ?      [kseriod]
   21     2 root     ?      [rpciod/0]
   23     2 root     ?      [kswapd0]
   24     2 root     ?      [ksmd]
   25     2 root     ?      [aio/0]
   26     2 root     ?      [nfsiod]
   27     2 root     ?      [crypto/0]
   44     2 root     ?      [kpsmoused]
   45     2 root     ?      [usbhid_resumer]
   74     1 root     ?      /sbin/udevd --daemon
  213    74 root     ?      /sbin/udevd --daemon
  290     2 root     ?      [jbd2/hda1-8]
  291     2 root     ?      [ext4-dio-unwrit]
  296     2 root     ?      [flush-3:0]
  376     1 root     ?      /sbin/udhcpc -b -i eth0 -h localhost -p /var/run/ud
  379     1 root     4,64   -sh
  382   379 root     4,64   ps -o pid,ppid,user,tty,args
 
« Last Edit: November 22, 2010, 06:02:24 PM by aas202 »

Offline aas202

  • Newbie
  • *
  • Posts: 8
Re: local root login
« Reply #11 on: November 22, 2010, 06:00:09 PM »
What have you done about '/root/.profile'? As I had already mentioned in reply #6 the "standard" 'profile' is unlikely to suit your situation.

Also what is the process tree for this 'root' login shell? Due to the limitation of the BusyBox 'ps' I suggest to use ps -o 'pid,ppid,user,tty,args' to work out the "parental relationships" (or install the 'procps.tcz' extension and use ps -efH).

The bahavior is different for installed/not installed system.

If I run it from iso image:
 
login: root
password: password

tc@localhost (getting tc shell instead of root)

If I install the image to hda and run it again
 
login: root
password: password

login: root
password: password

root@localhost (true root shell)

the problem is that I need to login as root twice for some reason

Offline aas202

  • Newbie
  • *
  • Posts: 8
Re: local root login
« Reply #12 on: November 22, 2010, 06:09:30 PM »
Well,

I moved a bit forward. I've deleted /root/.profile and now can login as root.

much appreciate you help