From: Chris Knorr (cknorr@trapsystems.com)
Date: Fri Oct 01 2004 - 10:19:02 EDT
Problem:
Non-root users cannot do various things. This includes things like "ps aux"
(it just returns the top header line containing column descriptions),
"crontab -l" (says it can't open their crontab file) or "su" (just goes back
to the shell prompt -- no errors. yes, the login account has been added to
the system group).
Solution:
The overwhelming consensus from the many responses I received was that the
SUID bit had been removed. This indeed turned out to be the case! The weird
thing is it didn't seem to have been done globally (either on the entire
system or directory), so I'm definitely stumped as to how this happened.
Nevertheless, setting the SUID bit on ps, su, and crontab most definitely
corrected the problem.
A few additional items which may help someone someday:
The fverify utility was mentioned by many people to identify problems. This
looks very nice but it appears to work subset by subset. I was hoping there
would be something more global - running fverify on every installed subset
seems like a lot of work, especially since the few subsets I tried were
producing a load of messages/information.
Ken Kleiner suggested looking at a download and install and run
'checkrootkit' from www.chkrootkit.org. I did try downloading and building
this but I got many errors trying to build it under Tru64 Unix V5.1 with the
gcc compiler. The README says it's supported on T64, but it didn't work so
well for me.
Thanks for everyone's great responses!
Chris
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:50:08 EDT