After running emerge -uv world lastnight i can no longer su to root on the 4 machines i ran it on, 1 of which is 4000 miles away. (and i disabled root logins via ssh) Reproducible: Always Steps to Reproduce: 1.su - 2.enter root password 3.access denied 4.switch to console, login as normal user 5.su - 6.enter root password 7.access denied 8.logout 9.login as root 10. works fine. Actual Results: could only login as root directly. Expected Results: I should have been able to su - to root.
and this user is part of the "wheel" group, right?
It apears actually that su doesn't work at all, for any user
user is part of group wheel. but in addition root cannot su as other users
adding /etc/suauth did not help
Users added to system after upgrade apear to be able to su - to root (regardless of suauth)
what was upgraded as part of the emerge -u world?
running 'usermod -g users -G wheel,disk,games username' apears to have fixed the problem. Maybe GUIDs changed? Maybe a PAM issue? Do I call the UK now or wait till its 5am there and then have them fix my machine? :) (down graded bug to normal) Upgrade world did upgrade base config. It was emerge synced around noon pacific standard time sunday (feb 8th).
please list all the files that were upgraded and, more importantly, what /etc files were upgraded. Without this information, we cannot determine if this is a valid bug or user error.
I should have said, "please list all the packages that were upgrade" instead of all the files.
from /var/log/emerge.log 1076266283: *** emerge --deep --update --verbose world 1076266292: >>> emerge (1 of 29) app-crypt/hashalot-0.1.0 to / 1076266307: ::: completed emerge (1 of 29) app-crypt/hashalot-0.1.0 to / 1076266307: >>> emerge (2 of 29) sys-libs/cracklib-2.7-r8 to / 1076266319: ::: completed emerge (2 of 29) sys-libs/cracklib-2.7-r8 to / 1076266319: >>> emerge (3 of 29) sys-libs/pam-0.77 to / 1076266587: ::: completed emerge (3 of 29) sys-libs/pam-0.77 to / 1076266587: >>> emerge (4 of 29) sys-apps/pam-login-3.14 to / 1076266620: ::: completed emerge (4 of 29) sys-apps/pam-login-3.14 to / 1076266620: >>> emerge (5 of 29) sys-apps/util-linux-2.12-r4 to / 1076266731: ::: completed emerge (5 of 29) sys-apps/util-linux-2.12-r4 to / 1076266731: >>> emerge (6 of 29) sys-apps/baselayout-1.8.6.13 to / 1076266860: ::: completed emerge (6 of 29) sys-apps/baselayout-1.8.6.13 to / 1076266860: >>> emerge (7 of 29) sys-libs/db-4.1.25_p1-r3 to / 1076267173: ::: completed emerge (7 of 29) sys-libs/db-4.1.25_p1-r3 to / 1076267173: >>> emerge (8 of 29) sys-devel/gcc-3.3.2-r5 to / 1076270842: ::: completed emerge (8 of 29) sys-devel/gcc-3.3.2-r5 to / 1076270842: >>> emerge (9 of 29) dev-perl/XML-Parser-2.31-r1 to / 1076270858: ::: completed emerge (9 of 29) dev-perl/XML-Parser-2.31-r1 to / 1076270858: >>> emerge (10 of 29) dev-util/intltool-0.29 to / 1076270873: ::: completed emerge (10 of 29) dev-util/intltool-0.29 to / 1076270873: >>> emerge (11 of 29) app-cdr/cdrtools-2.01_alpha25 to / 1076271021: ::: completed emerge (11 of 29) app-cdr/cdrtools-2.01_alpha25 to / 1076271021: >>> emerge (12 of 29) app-cdr/xcdroast-0.98_alpha15-r3 to / 1076271100: ::: completed emerge (12 of 29) app-cdr/xcdroast-0.98_alpha15-r3 to / 1076271100: >>> emerge (13 of 29) sys-apps/procps-3.1.15 to / 1076271125: ::: completed emerge (13 of 29) sys-apps/procps-3.1.15 to / 1076271125: >>> emerge (14 of 29) sys-apps/findutils-4.1.20-r1 to / 1076271189: ::: completed emerge (14 of 29) sys-apps/findutils-4.1.20-r1 to / 1076271189: >>> emerge (15 of 29) sys-apps/tcp-wrappers-7.6-r8 to / 1076271203: ::: completed emerge (15 of 29) sys-apps/tcp-wrappers-7.6-r8 to / 1076271203: >>> emerge (16 of 29) sys-libs/pwdb-0.62 to / 1076271229: ::: completed emerge (16 of 29) sys-libs/pwdb-0.62 to / 1076271229: >>> emerge (17 of 29) net-nds/portmap-5b-r8 to / 1076271237: ::: completed emerge (17 of 29) net-nds/portmap-5b-r8 to / 1076271237: >>> emerge (18 of 29) app-admin/fam-2.7.0 to / 1076271328: ::: completed emerge (18 of 29) app-admin/fam-2.7.0 to / 1076271328: >>> emerge (19 of 29) media-sound/xmms-1.2.8-r4 to / 1076271567: ::: completed emerge (19 of 29) media-sound/xmms-1.2.8-r4 to / 1076271567: >>> emerge (20 of 29) net-www/lynx-2.8.4.1d-r1 to / 1076271703: ::: completed emerge (20 of 29) net-www/lynx-2.8.4.1d-r1 to / 1076271703: >>> emerge (21 of 29) net-www/mozilla-1.6 to / 1076276303: ::: completed emerge (21 of 29) net-www/mozilla-1.6 to / 1076276303: >>> emerge (22 of 29) net-www/epiphany-1.0.7 to / 1076276618: ::: completed emerge (22 of 29) net-www/epiphany-1.0.7 to / 1076276618: >>> emerge (23 of 29) app-arch/file-roller-2.4.2-r1 to / 1076276731: ::: completed emerge (23 of 29) app-arch/file-roller-2.4.2-r1 to / 1076276731: >>> emerge (24 of 29) sys-devel/gdb-6.0 to / 1076277180: ::: completed emerge (24 of 29) sys-devel/gdb-6.0 to / 1076277180: >>> emerge (25 of 29) gnome-extra/acme-2.4.2-r1 to / 1076277224: ::: completed emerge (25 of 29) gnome-extra/acme-2.4.2-r1 to / 1076277224: >>> emerge (26 of 29) media-libs/libexif-0.5.12-r1 to / 1076277264: ::: completed emerge (26 of 29) media-libs/libexif-0.5.12-r1 to / 1076277264: >>> emerge (27 of 29) dev-libs/libpcre-4.2-r1 to / 1076277303: ::: completed emerge (27 of 29) dev-libs/libpcre-4.2-r1 to / 1076277303: >>> emerge (28 of 29) net-analyzer/nmap-3.50-r1 to / 1076277460: ::: completed emerge (28 of 29) net-analyzer/nmap-3.50-r1 to / 1076277460: >>> emerge (29 of 29) net-ftp/curl-7.10.8-r1 to / 1076277579: ::: completed emerge (29 of 29) net-ftp/curl-7.10.8-r1 to / does etc-update keep a log?
Should also be noted that i do this every sunday.
looking at the man pages for usermod, the only files it modifies are /etc/passwd, /etc/shadow and /etc/group. Since you indicate that 'usermod -g users -G wheel,disk,games username' fixes the problem, this strongly indicates that the root cause was a mistake when upgrading these files after the emerge. Furthermore, I have upgraded pam, pam-login and baselayout on three separate systems today and did not have a problem. Make sure you have CONFIG_PROTECT set properly. By default, this is set in /etc/make.globals and protects /etc files from being overwritten automatically. Marking as invalid.