0

I am trying following this guideto give root privileges to a user called deploy.

But I am unable to su to deploy user.

Steps I have taken,

logged in as a root user then I added the deploy which is a local user

su deploy (giving the deploy users password here)

I always get su: incorrect password with the correct password.

And I am seeing following on my /var/log/secure

su: pam_sss(su:auth): received for user deploy: 10 (User not known to the underlying authentication module)

out put of 

getent passwd deploy 
deploy:x:500:501::/home/deploy:/bin/bash

content of my /etc/nsswitch.conf

# This file is controlled by Puppet

passwd:     files sss
shadow:     files sss
group:      files sss
hosts:      files dns
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files
netgroup:   files sss
publickey:  nisplus
automount:  files
aliases:    files nisplus

/etc/shadow relevant line 

deploy:xxxxxxxxxx:17204:0:99999:7:::
Shani
  • 101
  • 1
  • 1
    Please post your `/etc/nsswitch.conf`. – Michael Hampton Feb 08 '17 at 19:47
  • Can you post the relevant line from `/etc/shadow`? (Don't forget to hide your password hash if it's there) – ConnorJC Feb 08 '17 at 21:56
  • https://fedorahosted.org/sssd/wiki/Troubleshooting#TroubleshootingAuthenticationPasswordChangeandAccessControl - you should have meaningful messages in your logs. Where does the account reside? On ldap or files? Did you restargsssd? – symcbean Feb 08 '17 at 22:53

1 Answers1

0

In your text, you are implying that you are writing the password for the deploy user in the su command line as a second argument after the username.

su command doesn't take password as a command line argument. If it needs a password, it will ask it via terminal.

When you are running su as the root user, it does not ask passwords for users.

Tero Kilkanen
  • 36,796
  • 3
  • 41
  • 63