Root shell access gone in Linux

[Lord Evermore]

I'm still playing around with the new SuSE installation. I forgot to bring the manual to work so I've been fooling around with it from here doing some of the more basic stuff, or so I thought.

I haven't reached the point that it matters all that much to me if I totally hose the installation; I may reinstall tonight anyway in order to adjust partition sizes a bit more closely to what actually happened during installation.

Anyway, the default shell for new users is Bash, while I prefer the c shell as it's what I'm used to. So, I used the usermod -s csh evermore command as root to change the shell for my login. This worked fine. But then when I went to root again to do something else, I noticed that the login had changed slightly. I wasn't getting the same type of command prompt as before. I realize now that it was because I was coming from csh into bash when I su'd. So I changed the root shell to csh, then logged out and back in, and now I can't get root access. When I log in, I get the error "su: cannot run csh: No such file or directory".

So, this seems to me to indicate that the path isn't set so that logging in as root with a c shell can locate the csh shell binary, so I can't log in. Fixing it I presume would just be a matter of letting the root login path point to csh properly, or even just putting root back to using bash for now.

But how can I do that, if at all? My user login doesn't have any higher level access yet, just a normal user. Will I be able to edit whatever login files are used by root to change the shell used? If I can, where are they?

If nothing else, I'll just reinstall tonight. Now that I know what I'm doing it shouldn't take as long.

 

[HigherGround]

su -m will not reset environment vars, but in your case you are already running c shell so it mail fail anyway...give it a try and see

 

[Lord Evermore]

Nope...

I'm not able to get into a shell as root at all, so running anything as root isn't going to work I think.

 

[HigherGround]

hmmm...so opening a shell as yourself works? and if you change the user in that shell to root (via su -m) that fails with the same message (cannot run csh) or do you get a prompt?

if you have a prompt as yourself with C shell running then this actually should work. If you ...

> printenv | grep SHELL

that should say /bin/csh

now doing ...

> su -m

should preserve the the SHELL env var and it should find and execute the right binary

same goes the other way...if i have a shell open and i redefine SHELL to be /somehting/stupid and i spawn another shell from that one i'll get an error, because the new shell will inherit the /somehting/stupid definition, which obviously it can't execute.

 

[Damaged]

Well, since you know bash works, then try:
su -s /bin/bash

This should su your to root and run bash as the shell.

Now what do you do? Well the first thing I'd check is where the csh binary is located: whereis csh. After having done that, then check and make sure it's in your /etc/shells file.

 

[Damaged]

Crap! Crap! Crap! Crap!

Sometimes things are SOO easy to fix once you realize what actually happened.

You see what happend is that you specified csh as a shell. While correct in a sense, that's not how you have to specify a shell. BTW thank you for giving me the EXACT command you ran because this made it easy to realize what had gone wrong! What you have to do is specify the ENTIRE path to a shell (e.g. /bin/csh, /usr/bin/csh, etc). Now you know. Now you also know how to fix this.

Do the su -s /bin/bash to get root. Then do the whereis is to spit out the path for csh, then edit your /etc/passwd file accordingly.

BTW I always perferred chsh for changing shells, or hacking the /etc/passwd file directly. Same, same.

 

[Lord Evermore]

[pts/0:guild] [/home/evermore] > printenv | grep SHELL
SHELL=/bin/tcsh

[pts/0:guild] [/home/evermore] > su -m
Password:
su: using restricted shell csh
su: cannot run csh: No such file or directory

[pts/0:guild] [/home/evermore] > su -s /bin/bash
Password:
su: using restricted shell csh
su: cannot run csh: No such file or directory

One of my co-workers suggested going into single user mode, I'll try that when I get home, but I'll probably just end up reformatting and installing again. I need to resize the partitions anyway, and I don't trust Partition Magic with Linux.

Also:

[pts/0:guild] [/home/evermore] > less /etc/shells
/bin/ash
/bin/bash
/bin/bash1
/bin/csh
/bin/false
/bin/sh
/bin/tcsh
/bin/true
/usr/bin/csh
/usr/bin/ksh
/usr/bin/passwd
/usr/bin/rbash
/usr/bin/tcs
/usr/bin/zsh


Note that MY account is working fine having changed the shell using the same command. Luckily I was able to run dnetc so the system's not just sitting there useless all day.

 

[Damaged]

Oh, change to bash then try su'ing as I've suggested.

I can't remember off the top of my head how to fix the restricted shell thang.

 

[Damaged]

Also can you grab a different VC and login in as root instead of su'ing? If so then it's something b/w su and that shell. My first inclination would be the permissions on su itself.

 

[Lord Evermore]

Still doesn't work even when coming from a bash shell on my own login.

And right now I can't log in as root, system is secured against remote root access.

 

[Damaged]

Okay. Try grabbing a VC when you get home (ctrl+alt+Fx, where Fx is the function key number, X runs on tty7, so try something like F2).

 

[Lord Evermore]

Okay...so root access isn't broken, only su access...I came home and logged in as root just fine, using the csh. However trying to su from the root account gives the same error about no such file or directory, but I'm USING csh right now (or rather, tcsh which csh is linked to), and I did just verify it's there.

Okay, fixed it. Had to edit the /etc/passwd file. Very odd, the root account was listed with just 'bash' as the shell (I changed it back when I got home as a test), but the others were all listed with their full path to the shell. After I put in the full path, su access worked again.

Why does accessing root as 'su' not find the path, but just logging in directly does?

 

[Damaged]

Hmm, as I expected for the solution. Something to do with su I guess. I don't know, I'd have to look what's it's doing. Actually you can do it yourself if you have strace installed.

What you want to do is return it to the way it was, which wasn't right anyways, but...then as a normal user issue the su command but don't give the password. Now do a ps aux and find the pid number for su, then switch to another VC or, in X, prior to making the change, open a root console, then make the change, then the su, then the ps aux, then do: strace -p <pid number> and watch where it pukes out and why. Very handy tool.

 

[Lord Evermore]

Oooh...I don't want to fool with it anymore tonight, but I'll keep that tool in mind.

I decided to just reinstall (though the problem is fixed), so that I could rebuild the partitions. I thought of just using Partition Magic on them, but PM doesn't work too well on Linux in my experience, plus I want to have all the software reinstalled with the new partition sizes (the /usr partition was too small and stuff ended up spilling over into other partitions; I want to try and get it all installed where it should have gone originally). Plus I may want to add some of the commercial packages.

So, I went to boot from the CD again...CD boot failed...huh? Reboot...failed...booted into Linux...mount the CDROM...mount failed, no media in the drive...? Removed the CD, tried it in my Windows machine, read fine...checked all the cables and stuff, nothing loose. Reseated them just in case...still no go. The thing worked till 2AM last night, and as far as I know nothing happened to it. All that changed was that I moved it one foot closer to my desk this evening, didn't drop it or manhandle it.

I also noticed a really horrid sound coming from the system when it boots, but I can't be sure if it's the hard drive or the CDROM (haven't done serious hardware troubleshooting yet, only software). Sounds like a drive armature grinding, I'm worried that the read laser is stuck or broken.

I tried booting with the SuSE install floppy, but it couldn't mount the CD either. Also tried it with a different CD, still no go. Tried booting with a DOS boot disk (Win98, all drivers installed and loaded), still couldn't read any of the disks I tried.

The drive is detecting during POST, and the drivers load properly and detect it to give it a drive letter in DOS, but trying to read any discs fails (drive not read, or whatever the exact error is).

Tomorrow I'll pull it out and put it into another system just to be sure, and Friday I'll probably take it back to the place I got it from. It appears to be a refurbished drive from Gateway, and I got it at a local shop about two weeks ago.

I just hate it because it means two days at least of not being able to DO anything, because I want to reinstall before I get into kernel optimization and user creation and editing.

Oh yeah, I also tried Partition Magic 4.01 on it (in text mode from a DOS boot disk). PM detects the partitions as Linux ext2 partitions...problem is 5 of the 6 partitions are actually ReiserFS. I'm thinking maybe ReiserFS actually rides on top of the ext2 format, because the Reiser partitions also appear as being completely full in PM, while the ext2 partition didn't. It seems that ReiserFS acts like one big ass file in a special format on an ext2 partition as far as PM can see (wouldn't surprise me if that's exactly what it is, sort of like a compressed drive in DOS/Windows).

But, since the partitions appear as completely full, PM can't resize them.