differences between su root and su - root

differences between su root and su - root

Post by the drag » Sat, 04 Jan 2003 06:59:51



Hey there.  I have a problem.  I have a user who needs to ftp off my
non-ftp server using a tunnel through the firewall.  If the user tries
to ftp, they get the following:

422 [people2]ediprod:/gentran/prod> ftp nnn.nnn.nnn.nnn
Connected to nnn.nnn.nnn.nnn.
220 ieftp5 IE-FTP server (v4r1m0.e) ready on system USA.

(It hangs up with no logon prompt)

If I do a su root, I get the same thing:

246 [people2]ediprod:/gentran/prod> ftp nnn.nnn.nnn.nnn
Connected to nnn.nnn.nnn.nnn.
220 ieftp5 IE-FTP server (v4r1m0.e) ready on system USA.

(It hangs up with no logon prompt)

But, if I use su - root, I get a successful connection:

people2:/)ftp nnn.nnn.nnn.nnn
Connected to nnn.nnn.nnn.nnn.
220 ieftp5 IE-FTP server (v4r1m0.e) ready on system USA.
Name (nnn.nnn.nnn.nnn:xxxxxxx):

I did a path and env on both the su and the - su and the only
difference that I can see is this line:

su - root : AUTHSTATE=files
su root   : AUTHSTATE=compat

However, even if I change the AUTHSTATE in the su root with the
command
 people2:/)export AUTHSTATE=files , it still does not work.

Can anyone tell me what I am missing here and help be resolve this
issue so my user will be a happy camper??

thanks in advance, and have a great new year.

clark 'the dragon' willis

 
 
 

differences between su root and su - root

Post by ty » Sat, 04 Jan 2003 07:40:46


su - <user>
will source in the target users environment - in your case root's
su <user>
will leave the environment as is

man su
will explain all this.

hth
ty


Quote:> Hey there.  I have a problem.  I have a user who needs to ftp off my
> non-ftp server using a tunnel through the firewall.  If the user tries
> to ftp, they get the following:

> 422 [people2]ediprod:/gentran/prod> ftp nnn.nnn.nnn.nnn
> Connected to nnn.nnn.nnn.nnn.
> 220 ieftp5 IE-FTP server (v4r1m0.e) ready on system USA.

> (It hangs up with no logon prompt)

> If I do a su root, I get the same thing:

> 246 [people2]ediprod:/gentran/prod> ftp nnn.nnn.nnn.nnn
> Connected to nnn.nnn.nnn.nnn.
> 220 ieftp5 IE-FTP server (v4r1m0.e) ready on system USA.

> (It hangs up with no logon prompt)

> But, if I use su - root, I get a successful connection:

> people2:/)ftp nnn.nnn.nnn.nnn
> Connected to nnn.nnn.nnn.nnn.
> 220 ieftp5 IE-FTP server (v4r1m0.e) ready on system USA.
> Name (nnn.nnn.nnn.nnn:xxxxxxx):

> I did a path and env on both the su and the - su and the only
> difference that I can see is this line:

> su - root : AUTHSTATE=files
> su root   : AUTHSTATE=compat

> However, even if I change the AUTHSTATE in the su root with the
> command
>  people2:/)export AUTHSTATE=files , it still does not work.

> Can anyone tell me what I am missing here and help be resolve this
> issue so my user will be a happy camper??

> thanks in advance, and have a great new year.

> clark 'the dragon' willis


 
 
 

differences between su root and su - root

Post by Paul Koetsie » Sat, 04 Jan 2003 08:25:04


Like ty said, su - will take care of initializing the environment much
in the way it would have been if you would have logged on to the system
using this account.
One of the things that will be different is the value of the HOME
variable. I think this is what's causing your problem. My guess is that
the user has got a .netrc file in his homedir. The .netrc file can be
used (amongst other things) to automate the login proces. This could be
why you never see a login prompt. Read all about the .netrc file by
using man netrc

Good luck,

Paul


> Hey there.  I have a problem.  I have a user who needs to ftp off my
> non-ftp server using a tunnel through the firewall.  If the user tries
> to ftp, they get the following:

> 422 [people2]ediprod:/gentran/prod> ftp nnn.nnn.nnn.nnn
> Connected to nnn.nnn.nnn.nnn.
> 220 ieftp5 IE-FTP server (v4r1m0.e) ready on system USA.

> (It hangs up with no logon prompt)

> If I do a su root, I get the same thing:

> 246 [people2]ediprod:/gentran/prod> ftp nnn.nnn.nnn.nnn
> Connected to nnn.nnn.nnn.nnn.
> 220 ieftp5 IE-FTP server (v4r1m0.e) ready on system USA.

> (It hangs up with no logon prompt)

> But, if I use su - root, I get a successful connection:

> people2:/)ftp nnn.nnn.nnn.nnn
> Connected to nnn.nnn.nnn.nnn.
> 220 ieftp5 IE-FTP server (v4r1m0.e) ready on system USA.
> Name (nnn.nnn.nnn.nnn:xxxxxxx):

> I did a path and env on both the su and the - su and the only
> difference that I can see is this line:

> su - root : AUTHSTATE=files
> su root   : AUTHSTATE=compat

> However, even if I change the AUTHSTATE in the su root with the
> command
>  people2:/)export AUTHSTATE=files , it still does not work.

> Can anyone tell me what I am missing here and help be resolve this
> issue so my user will be a happy camper??

> thanks in advance, and have a great new year.

> clark 'the dragon' willis

 
 
 

1. Solution: differences between su root and su - root

After working with this for a few hours, a call to ibm aix support and
just plain trial and error messing around, it was determined that only
that specific user was having problems.  That any other user was able
to connect to the ftp at that site instantaneously with no problems.
So, we looked at the differences between that user and all the others
and discovered that someone had set up a .netrc file which did not
include an entry for the site he was trying to connect to.  And, after
more experiementation, it was discovered that we were actually able to
make a connection, if we waited long enogh, in this case about 3
minutes.

So, if anyone has a plausible explanation to this behavior, I'd be
happy to hear it.

clark 'the dragon' willis

2. That Sunday Times Linux article

3. su root: You do not have permission to su root ?

4. DTC SCSI Drivers...

5. su to a user then su to root in startup script

6. Using Linux in a whole product?

7. su problem -- su: Unknown id: root

8. Linux META-FAQ (part 1/1)

9. GNU su (was Re: Preventing SU Root)

10. Could su but says BAD SU from normal user to root

11. Cannot su, or su - to anything ~ including root

12. What is the difference between 'login: root' and 'su -' ?

13. PPP error when only su to root; OK if logged in as root