| |
 |
|
| Linux Forum Index » Linux Security » Unable to delete user?... |
|
Page 1 of 1 |
|
| Author |
Message |
| Phuong... |
 Posted: Wed Aug 19, 2009 9:20 am |
|
|
|
Guest
|
Hi all,
I'm not quite sure what happened, but now every time I try to delete a
user (userdel), it would sit there, hog up CPU/Memory and spam this
line in audit.log
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488024): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488025): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488026): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488027): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488028): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488029): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
Googling suggested that something went wrong with selinux? Could
anyone point me the right direction.
Thanks |
|
|
| Back to top |
|
|
|
| Nico Kadel-Garcia... |
| Posted: Thu Aug 20, 2009 1:58 am |
|
|
|
Guest
|
On Aug 19, 3:20 pm, Phuong <phuong.d.ngu... at (no spam) gmail.com> wrote:
Quote: Hi all,
I'm not quite sure what happened, but now every time I try to delete a
user (userdel), it would sit there, hog up CPU/Memory and spam this
line in audit.log
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488024): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488025): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488026): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488027): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488028): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488029): user
pid=25086 uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
Googling suggested that something went wrong with selinux? Could
anyone point me the right direction.
Thanks
I assume that you're not using NIS or LDAP in a weird local setting?
*I* suggest that some idiot hand-edited the /etc/shadow, /etc,passwd, /
etc/group, or /etc/gshadow files and made them mis-match in the list
of users or groups. I've seen this sort of thing, where someone
thought it was a good idea to copy /etc/passwd around to multiple
machines without copying /etc/shadow.
You don't mention which Linux you're using: but you can do a 'wc /etc/
passwd /etc/shadow; wc /etc/shadow /etc/gshadow' to detect the most
common of the issues I mentioned. And if they've wound up mis-matched,
you can do 'pwcunconv; pwconv' to try and re-match them, at least on
RedHat based systmes. |
|
|
| Back to top |
|
|
|
| anders... |
| Posted: Thu Aug 20, 2009 7:36 am |
|
|
|
Guest
|
Wed, 19 Aug 2009 12:20:07 -0700 wrote Phuong:
Quote: Hi all,
I'm not quite sure what happened, but now every time I try to delete a
user (userdel), it would sit there, hog up CPU/Memory and spam this line
in audit.log
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488024): user pid=25086
uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488025): user pid=25086
uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488026): user pid=25086
uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488027): user pid=25086
uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488028): user pid=25086
uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
type=USER_CHAUTHTOK msg=audit(1250709320.731:194488029): user pid=25086
uid=0 auid=502 msg='op=deleting user from group acct=admin
exe="/usr/sbin/userdel" (hostname=?, addr=?, terminal=? res=failed)'
Googling suggested that something went wrong with selinux? Could anyone
point me the right direction.
Thanks
Are you using the option '-f' ?
# userdel -f username
The option '-f' is the same as force something (in use), in the user
directory, to be deleted.
So if the user is logged in, or something is in use from the user's
account, he/she/it will be thrown out before the account be deleted.
/Anders |
|
|
| Back to top |
|
|
|
|
|
All times are GMT - 5 Hours
The time now is Sun Nov 22, 2009 1:04 pm
|
|