Re: User start up program and ssh login (888 Views)
Reply
Frequent Advisor
Jonathan Grymes
Posts: 80
Registered: ‎09-23-2004
Message 1 of 11 (891 Views)
Accepted Solution

User start up program and ssh login

Just installed HPUX 11i Version 3. I can login directly as root user but for other users I created it seems only those with /sbin/sh as the start up program can login. However, not all commands are available, for example:

$ ll
sh: ll:  not found
$

If I change the startup program via sam for the a user to /usr/bin/sh my putty window disappears after I enter the password. Its the same for all the shells other than /sbin/sh.

 

I created /etc/shells but didnt help.

This is probably a simple thing I'm overlooking. Any ideas?

 

Thanks,

Jon

Honored Contributor
Patrick Wallek
Posts: 13,787
Registered: ‎06-21-2000
Message 2 of 11 (888 Views)

Re: User start up program and ssh login

This is strange.

 

First, check the /usr/bin/ directory and verify that all of the appropriate shells exist.  These should be available by default:

(some of these are not shells, but the *sh should get you close enough)

 

# ll /usr/bin/*sh
-r-xr-xr-x 1 bin bin 72652 Feb 15 2007 /usr/bin/autopush
lrwxr-xr-x 1 root sys 25 Oct 16 18:14 /usr/bin/c_rehash -> /opt/openssl/bin/c_rehash
-r-xr-xr-x 1 bin bin 589 Aug 17 2011 /usr/bin/change2v9db.sh
-r-sr-xr-x 4 root bin 151320 Sep 26 2009 /usr/bin/chsh
-r-xr-xr-x 1 bin bin 534532 Apr 29 2009 /usr/bin/csh
-r-xr-xr-x 1 bin bin 152 Feb 15 2007 /usr/bin/hash
-r-xr-xr-x 1 bin bin 780176 Feb 15 2007 /usr/bin/keysh
-r-xr-xr-x 2 bin bin 539048 Jul 29 2009 /usr/bin/ksh
-r-xr-xr-x 1 bin bin 7452 Aug 17 2011 /usr/bin/named-bootconf.sh
-r-sr-xr-x 1 root bin 145124 Feb 15 2007 /usr/bin/remsh
-r-xr-xr-x 2 bin bin 539048 Jul 29 2009 /usr/bin/rksh
-r-xr-xr-x 2 bin bin 682408 Apr 13 2011 /usr/bin/rsh
-r-xr-xr-x 2 bin bin 682408 Apr 13 2011 /usr/bin/sh
lrwxr-xr-x 1 root sys 16 Jul 10 2012 /usr/bin/ssh -> /opt/ssh/bin/ssh

 

What do the /etc/passwd entries look like for your users?  Try running 'pwck' to verify that the /etc/passwd file is correct.

 

Do you get any errors when trying to log in?  If you are logged in as root, and then try to telnet or ssh to 'localhost' to log in and see what the messages are.

 

 

Frequent Advisor
Jonathan Grymes
Posts: 80
Registered: ‎09-23-2004
Message 3 of 11 (885 Views)

Re: User start up program and ssh login

#  ll /usr/bin/*sh
-r-xr-xr-x   1 bin        bin          72652 Feb 15  2007 /usr/bin/autopush
lrwxr-xr-x   1 root       sys             25 Jan 24 16:05 /usr/bin/c_rehash -> /opt/openssl/bin/c_rehash
-r-xr-xr-x   1 bin        bin            589 Nov 25  2011 /usr/bin/change2v9db.sh
-r-sr-xr-x   4 root       bin         151320 Nov  1  2011 /usr/bin/chsh
-r-xr-xr-x   1 bin        bin         534560 Aug 26  2011 /usr/bin/csh
-r-xr-xr-x   1 bin        bin            152 Feb 15  2007 /usr/bin/hash
-r-xr-xr-x   1 bin        bin         780176 Feb 15  2007 /usr/bin/keysh
-r-xr-xr-x   2 bin        bin         539048 Jul 29  2009 /usr/bin/ksh
-r-xr-xr-x   1 bin        bin           7452 Nov 25  2011 /usr/bin/named-bootconf.sh
-r-sr-xr-x   1 root       bin         145124 Feb 15  2007 /usr/bin/remsh
-r-xr-xr-x   2 bin        bin         539048 Jul 29  2009 /usr/bin/rksh
-r-xr-xr-x   2 bin        bin         682408 Aug 26  2011 /usr/bin/rsh
-r-xr-xr-x   2 bin        bin         682408 Aug 26  2011 /usr/bin/sh
lrwxr-xr-x   1 root       sys             16 Jan 24 16:32 /usr/bin/ssh -> /opt/ssh/bin/ssh
#

/etc/passwd

jogryme1:5d9G7NqocKgaU:115:107:Jon Grymes:/home/jogryme1:/sbin/sh

 

no errors running pwck

 

as root user

# ssh jogryme1@localhost
Password:
Last successful login:       Wed Jan 30 17:02:24 2013 192.168.203.239
Last authentication failure: Wed Jan 30 14:33:26 2013 192.168.203.239
Last login: Wed Jan 30 17:02:24 2013 from 192.168.203.239
(c)Copyright 1983-2006 Hewlett-Packard Development Company, L.P.
(c)Copyright 1979, 1980, 1983, 1985-1993 The Regents of the Univ. of California
(c)Copyright 1980, 1984, 1986 Novell, Inc.
(c)Copyright 1986-2000 Sun Microsystems, Inc.
(c)Copyright 1985, 1986, 1988 Massachusetts Institute of Technology
(c)Copyright 1989-1993  The Open Software Foundation, Inc.
(c)Copyright 1990 Motorola, Inc.
(c)Copyright 1990, 1991, 1992 Cornell University
(c)Copyright 1989-1991 The University of Maryland
(c)Copyright 1988 Carnegie Mellon University
(c)Copyright 1991-2006 Mentat Inc.
(c)Copyright 1996 Morning Star Technologies, Inc.
(c)Copyright 1996 Progressive Systems, Inc.

Confidential computer software. Valid license from HP required for
possession, use or copying.  Consistent with FAR 12.211 and 12.212,
Commercial Computer Software, Computer Software Documentation, and
Technical Data for Commercial Items are licensed to the U.S. Government
under vendor's standard commercial license.

.profile[11]: tset:  not found
.profile[15]: tabs:  not found
$

I changed the shell to /usr/bin/sh

 

As root

# ssh jogryme1@localhost
Password:
Last successful login:       Wed Jan 30 17:33:04 2013 127.0.0.1
Last authentication failure: Wed Jan 30 14:33:26 2013 192.168.203.239
Last login: Wed Jan 30 17:33:04 2013 from 127.0.0.1
/usr/bin/sh: Permission denied
Connection to localhost closed.
#

 

Honored Contributor
Patrick Wallek
Posts: 13,787
Registered: ‎06-21-2000
Message 4 of 11 (879 Views)

Re: User start up program and ssh login

Here's your key message: /usr/bin/sh: Permission denied

 

Check the permissions on the /usr and /usr/bin directories.

 

# ll -d /
drwxr-xr-x  23 root       root          8192 Jan 30 13:31 /

# ll -d /usr
dr-xr-xr-x  22 bin        bin           8192 Jul 10  2012 /usr

# ll -d /usr/bin
dr-xr-xr-x   4 bin        bin          16384 Nov 27 10:30 /usr/bin

 

Frequent Advisor
Jonathan Grymes
Posts: 80
Registered: ‎09-23-2004
Message 5 of 11 (877 Views)

Re: User start up program and ssh login

Bingo!!

 

# ll -d /
drwxr-xr-x  21 root       root          8192 Jan 28 16:17 /
# ll -d /usr
drwxrwx---  22 bin        bin           8192 Jan 24 17:59 /usr
# ll -d /usr/bin
dr-xr-xr-x   4 bin        bin          16384 Jan 24 17:44 /usr/bin
#

# chmod 555 /usr
# ll -d /usr
dr-xr-xr-x  22 bin        bin           8192 Jan 24 17:59 /usr

 

# ssh jogryme1@localhost
Password:
Last successful login:       Wed Jan 30 18:02:14 2013 127.0.0.1
$

Thank You.

Honored Contributor
Patrick Wallek
Posts: 13,787
Registered: ‎06-21-2000
Message 6 of 11 (867 Views)

Re: User start up program and ssh login

Someone may have tried to "improve" the security of the system by changing the permissions on the /usr directory.  That is a really bad idea.

 

I would now verify everything on the system to make sure all is as it should be.

 

First run:

 

# swverify -v \*

 

When that is finished you will see a line at the end of the output that says something like "run the following swjob command to see more information".  Run the 'swjob' command that it specifies (You probably want to redirect the output to a file to make it easier to peruse) to see the results and see if you have any problems that need to be corrected.  They will be easy to spot as they will be ERRORs.

Frequent Advisor
Jonathan Grymes
Posts: 80
Registered: ‎09-23-2004
Message 7 of 11 (847 Views)

Re: User start up program and ssh login

Here are the results of running swjob.

#swjob -a log labeai01-0007 @ labeai01:/

 

ERROR:   File "/usr/sam/tui/fs/lv/lvCreateForm" should have mtime

 "1340372600" but the actual mtime is "1359407494"

ERROR:   File "/usr/sam/tui/fs/lv/lvCreateForm" should have size "5672"

         bytes but the actual size is "6437" bytes.

ERROR:   Fileset "FileSystemsWeb.FS-TUI,l=/,r=B.11.31.16" had file

         errors.

 

ERROR:       Verify failed FileSystemsWeb.FS-TUI,l=/,r=B.11.31.16

Honored Contributor
Patrick Wallek
Posts: 13,787
Registered: ‎06-21-2000
Message 8 of 11 (843 Views)

Re: User start up program and ssh login

If those errors are all that you had, then I think you are in pretty good shape.

 

It is something you may want to look into when you have time, but it's not something I would be too concerned about.

 

Here is that file from my 11.31 server:

 

# ll /usr/sam/tui/fs/lv/lvCreateForm
-r--r--r-- 1 bin bin 5672 Dec 1 2011 /usr/sam/tui/fs/lv/lvCreateForm

Acclaimed Contributor
Dennis Handly
Posts: 25,296
Registered: ‎03-06-2006
Message 9 of 11 (835 Views)

Re: User start up program and ssh login

>ERROR:   File "/usr/sam/tui/fs/lv/lvCreateForm" should have mtime "1340372600" but the actual mtime is "1359407494"

 

Looks like it was modified recently:

time_t value is: 01/28/13 13:11:34 PST  # 1359407494
time_t value is: 06/22/12 06:43:20 PDT  # 1340372600

Frequent Advisor
Jonathan Grymes
Posts: 80
Registered: ‎09-23-2004
Message 10 of 11 (832 Views)

Re: User start up program and ssh login

After the initial 11.31 install, I did run swainv.sh and check for needed updates. The patches below were installed on 1/25.  So Im not sure why lvCreateForm is showing that it was modified on 1/28.  On 1/28 I configured additional file systems via the SAM (TUI) utility.

 

 

Installing fileset "PHSS_41557.MASTER,r=1.0" (1 of 5).
Installing fileset "PHSS_41557.SNMP-ENG-A-MAN,r=1.0" (2 of 5).
Installing fileset "PHSS_41557.SUBAGT-HPUNIX,r=1.0" (3 of 5).
Installing fileset "PHSS_41557.SUBAGT-MIB2,r=1.0" (4 of 5).
Installing fileset "PHSS_43134.X11-FONTSRV,r=1.0" (5 of 5)

Acclaimed Contributor
Dennis Handly
Posts: 25,296
Registered: ‎03-06-2006
Message 11 of 11 (828 Views)

Re: User start up program and ssh login

>The patches below were installed on 1/25. 

 

If a patch modified the file, the IPD is updated with the new size, permissions and dates.

 

>So I'm not sure why lvCreateForm is showing that it was modified on 1/28.  On 1/28 I configured additional file systems via the SAM (TUI) utility.

 

What were you doing at 13:11:34?  ;-)  Compare to the timestamps in your SD logs:  /var/adm/sw/sw*.log

Anything in /var/sam/log/?

 

If you have an old copy on your backup or your media and can compare, the change may be obvious.

I.e. this file may be able to be modified by your SAM activities.  If so, the file should have been marked volatile so it wouldn't show up in swverify.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.