Can't su anymore

Philip Mötteli Philip.Moetteli at tele2.ch
Thu Feb 28 00:53:09 PST 2008 

Am 28.02.2008 um 09:40 schrieb Martin Costabel:

> Philip Mötteli wrote:
> []
>> There's no other su:
>>    $ whereis su
>>    /usr/bin/su
>
>>    $ locate bin/su
>>    /usr/bin/su
>>    /usr/bin/sudo
>>    /usr/bin/sum
>
>>    $ which su
>>    /usr/bin/su
>
> We don't know when your locate database was last updated,

Nightly.


> and /usr/bin/which is - or was until recently - a csh script, so  
> when you use it from bash you are not sure it sees the same  
> environment as your shell.

	$ file /usr/bin/which
	/usr/bin/which: Mach-O universal binary with 2 architectures
	/usr/bin/which (for architecture i386):	Mach-O executable i386
	/usr/bin/which (for architecture ppc7400):	Mach-O executable ppc


> You never said whether or not you have /sw/bin/su.

	$ file /sw/bin/su
	/sw/bin/su: cannot open `/sw/bin/su' (No such file or directory)


> As for proof, the fact that `su` and `/usr/bin/su` behave  
> differently, as you claim, speaks for itself.

You're right. I think it's strange, too. And I tried to explain it  
like you.
But I still don't have any 'su' elsewhere. At least, not that I could  
find one.


> Another remark is that your user seems to belong to a weird  
> collection of groups for a non-root user.

What is a non-root user?


> It looks like you fiddled with groups, so maybe you also have a  
> custom /etc/sudoers file?

Have a look (I didn't copy the out-commented parts):

	# Defaults specification
	Defaults	env_reset
	Defaults	env_keep += "BLOCKSIZE"
	Defaults	env_keep += "COLORFGBG COLORTERM"
	Defaults	env_keep += "__CF_USER_TEXT_ENCODING"
	Defaults	env_keep += "CHARSET LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE"
	Defaults	env_keep += "LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME"
	Defaults	env_keep += "LINES COLUMNS"
	Defaults	env_keep += "LSCOLORS"
	Defaults	env_keep += "SSH_AUTH_SOCK"
	Defaults	env_keep += "TZ"
	Defaults	env_keep += "DISPLAY XAUTHORIZATION XAUTHORITY"
	Defaults	env_keep += "EDITOR VISUAL"

	# User privilege specification
	root	ALL=(ALL) ALL
	%admin	ALL=(ALL) ALL

More information about the MacOSX-admin mailing list