PDA

View Full Version : SU command not working



karthickgin
14-Mar-2017, 02:24
Dear All,

I have got SUSE Linux server version
LSB Version: n/a
Distributor ID: SUSE LINUX
Description: SUSE Linux Enterprise Server 12
Release: 12
Codename: 12
Linux version 3.12.60-52.54-default (geeko@buildhost) (gcc version 4.8.5 (SUSE Linux) ) #1 SMP Sat Jun 25 06:22:00 UTC 2016 (e55cce6)

contains SAP HANA database.

su command stopped to work suddenly. No changes happened in system. I am not getting any error, i logged in as root and tried to su to SAPSIDadm account. Its not working. Any help is appreciated.

Thanks
Kartik

malcolmlewis
14-Mar-2017, 02:44
On Tue 14 Mar 2017 01:34:01 AM CDT, karthickgin wrote:

Dear All,

I have got SUSE Linux server version
LSB Version: n/a
Distributor ID: SUSE LINUX
Description: SUSE Linux Enterprise Server 12
Release: 12
Codename: 12
Linux version 3.12.60-52.54-default (geeko@buildhost) (gcc version 4.8.5
(SUSE Linux) ) #1 SMP Sat Jun 25 06:22:00 UTC 2016 (e55cce6)

contains SAP HANA database.

su command stopped to work suddenly. No changes happened in system. I am
not getting any error, i logged in as root and tried to su to SAPSIDadm
account. Its not working. Any help is appreciated.

Thanks
Kartik




Hi
How are you switching to root user, should be with a - and adm is
all lowercase.


su - root
su sapsidadm
whoami


--
Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
openSUSE Leap 42.1|GNOME 3.16.2|4.1.38-50-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below... Thanks!

karthickgin
14-Mar-2017, 03:20
Hi Malcolm,

I logged in as root and used su - XXXadm
XXXX:~ # whoami
root
XXXX:~ # su - XXXXadm
XXXX:~ #
it still remains as root user

ab
14-Mar-2017, 03:38
I would guess either the user either lacks a valid login shell, or else
the username is wrong somehow. Upper-case characters in usernames are
really rare, so it may be worthwhile to first verify that the user shows
up as you think, along with other user-based settings. Pot the output to
the following:



getent passwd

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...

karthickgin
14-Mar-2017, 03:55
Hi Malcom,

We dont use UPPERCASE in user, for hidding i mentioned as XXXX.
output of getent passwd
f
elix:~ # getent passwd
at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash
bin:x:1:1:bin:/bin:/bin/bash
daemon:x:2:2:Daemon:/sbin:/bin/bash
ftp:x:40:49:FTP account:/srv/ftp:/bin/bash
games:x:12:100:Games account:/var/games:/bin/bash
haldaemon:x:101:102:User for haldaemon:/var/run/hald:/bin/false
lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash
mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false
messagebus:x:100:101:User for D-Bus:/var/run/dbus:/bin/false
mysql:x:60:108:MySQL database admin:/var/lib/mysql:/bin/false
nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash
ntp:x:74:110:NTP daemon:/var/lib/ntp:/bin/false
pesign:x:105:107:PE-COFF signing daemon:/var/lib/pesign:/bin/false
polkituser:x:106:109:PolicyKit:/var/run/PolicyKit:/bin/false
postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false
pulse:x:107:111:PulseAudio daemon:/var/lib/pulseaudio:/bin/false
puppet:x:104:106:Puppet daemon:/var/lib/puppet:/bin/false
root:x:0:0:root:/root:/bin/bash
sshd:x:102:103:SSH daemon:/var/lib/sshd:/bin/false
suse-ncc:x:108:113:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash
uuidd:x:103:105:User for uuidd:/var/run/uuidd:/bin/false
wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false
sapadm:x:109:79:SAP Local Administrator:/home/sapadm:/bin/false
ha1adm:x:1001:79:SAP HANA Database System Administrator:/usr/sap/HA1/home:/bin/sh
man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash
news:x:9:13:News system:/etc/news:/bin/bash
uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash
statd:x:110:65534:NFS statd daemon:/var/lib/nfs:/sbin/nologin
ftpsecure:x:111:65534:Secure FTP User:/var/lib/empty:/bin/false
polkitd:x:499:498:User for polkitd:/var/lib/polkit:/sbin/nologin
scard:x:498:497:Smart Card Reader:/var/run/pcscd:/usr/sbin/nologin
rtkit:x:497:496:RealtimeKit:/proc:/bin/false
lighttpd:x:496:495:user for lighttpd:/var/lib/lighttpd:/bin/false
hacluster:x:90:90:heartbeat processes:/var/lib/heartbeat/cores/hacluster:/bin/bash
nscd:x:495:494:User for nscd:/run/nscd:/sbin/nologin
openslp:x:494:2:openslp daemon:/var/lib/empty:/sbin/nologin
rpc:x:493:65534:user for rpcbind:/var/lib/empty:/sbin/nologin
hbdadm:x:1000:79:SAP HANA Database System Administrator:/usr/sap/HBD/home:/bin/sh
d02adm:x:1002:79:SAP System Administrator:/home/d02adm:/bin/csh
hpdadm:x:1003:79:SAP HANA Database System Administrator:/usr/sap/HPD/home:/bin/sh
d03adm:x:1004:79:SAP System Administrator:/home/d03adm:/bin/csh

ab
14-Mar-2017, 10:57
On 03/13/2017 09:04 PM, karthickgin wrote:
>
> We dont use UPPERCASE in user, for hidding i mentioned as XXXX.
> output of getent passwd

Does your box have the C shell on it, I presume? Just to verify:



ls -l /bin/csh /bin/sh


Assuming that is there, it may be interesting to see what happens in the
/var/log/messages file when you try to use 'su', so run the following
before and while doing the test:



tail -f /var/log/messages


--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...

dpartrid
02-May-2017, 18:35
I'm sorry if this is not helpful and is just my own confusion, but here it is:

Earlier in this thread you were calling the user "sapsidadm". Later, you were hiding part of the name, XXXXadm. Then you gave "getent passwd" output. Within that output, there is no "sapsidadm". So I'm not sure how to check the validity of your user entry. But *if* the real entry is "sapadm" then I note that it is using shell /bin/false. This could explain why you can't su to that user.