Subject: How can it be: cannot login as root when connected directly , but can login from other machines!
From: ibuprofin@painkiller.example.tld (Moe Trin)
Date: 9/7/2007 2:46:32 PM
On Thu, 06 Sep 2007, in the Usenet newsgroup comp.os.linux.setup, in article
<1189104898.984110.53080@22g2000hsm.googlegroups.com>, ianbrn@gmail.com wrote:
NOTE: Posting from groups.google.com (or some web-forums) dramatically
reduces the chance of your post being seen. Find a real news server.
>After somebody else did some installations on this machine (as root),
>the following happened:
> I could **NOT** login to that machine as root when I was connected
>directly to it.
>When I entered, at the login prompt, the root as user name and the
>password, there was a message of
>"user unknown" for half a second or less (I could hardly read it ) and
>that it ! the message vanished , and it returned to the login screen.
A lot depends on how your SSH setup is configured - it often does NOT
use the same files for login and shell startup as compared to logging in
directly at a console login prompt. Something set to run locally when
root logs in has been misconfigured. Note that the login mechanism and
files used are different between run-level 3 and 5 (as well as being
different from those used when coming in via SSH). See the man pages
for your shell, 'login' and any GUI display manager ('kdm', 'gdm', 'xdm'
or similar) you may be using.
>I want also to emphasize that I made sure that the /etc/passwd does
>include "root" entry,
>and it does.
Yeah, a lot of other stuff would die if that entry were missing.
>Any ideas what can be the reason for it and what should I do to enable
>login as root when connected directly ? What is going here ?
Start by seeing if you can log in as a _regular_ user, and then 'su'
(BUT WITHOUT THE DASH [su -]) so that you retain the environment of the
regular user. If so,
1. Look in /var/log/secure and /var/log/messages to see what is being
logged for complaints.
2. 'cd' (no options or parameters), which should change the PWD to
root's home directory. 'ls -lArt' and see what files have been changed
recently. Also check subdirectories in /root for similar changes.
3. 'rpm -Va > /tmp/files.to.check' and see what stuff has been messed
with. NOTE: Depending on how much is installed, this command may take
several minutes to complete. Use that time to read the 'rpm' man page
so that you can understand the output - look under 'VERIFICATION'.
NOTE: It is normal to see a number of files altered - usually file
ownership and mode.
4. 'find / -mtime -X -exec ls -ld {} \; > /tmp/recent.files' where 'X'
is one digit higher than the number of days you have had this problem.
What has been changed?
5. Do you have any security extensions (SELinux) running?
If you can not login as a regular user and 'su', try coming in via SSH
and performing the commands noted above. If that doesn't work, try
running in single user mode (run-level 1). If that doesn't work,
restore root's home directory from the most recent backup made before
your cow-corker screwed up the system.
NOTE: Read the man pages for every command I've specified BEFORE using
the command so that you understand the command and options I've shown.
Old guy
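Added example, not part of the post above: a small triage of the saved 'rpm -Va' output from step 3, separating files whose contents changed or that went missing from the ownership/mode/mtime differences the post calls normal. The function names, the LOGIN_PATHS list and the sample lines are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example: triage of saved `rpm -Va` output (step 3 of the post).
# Flag letters, per the VERIFICATION section of rpm(8): S size, M mode,
# 5 digest, D device, L symlink, U user, G group, T mtime, P capabilities.

# Reads `rpm -Va` lines on stdin; writes "CLASS<TAB>FLAGS<TAB>PATH".
#   MISSING  the packaged file is gone
#   CONTENT  digest (5) differs: the file's contents were changed
#   META     something differs, but the digest test did not fail
triage_rpm_va() {
    awk '
    !match($0, / \//) { next }          # no absolute path on the line: skip
    {
        path  = substr($0, RSTART + 1)  # keeps paths that contain spaces
        flags = $1
        if (flags == "missing") cls = "MISSING"
        else if (flags ~ /5/)   cls = "CONTENT"
        else                    cls = "META"
        printf "%s\t%s\t%s\n", cls, flags, path
    }'
}

# Assumption of this example: paths that commonly take part in a console
# root login (PAM stack, securetty, account databases, root's dotfiles).
LOGIN_PATHS='^(/etc/pam[.]d/|/etc/securetty$|/etc/(passwd|shadow|nsswitch[.]conf)$|/bin/login$|/root/)'

# Keeps MISSING and CONTENT rows whose path matches LOGIN_PATHS.
login_suspects() {
    awk -F '\t' -v re="$LOGIN_PATHS" '$1 != "META" && $3 ~ re'
}

# Constructed sample input (not output from any real system).
sample_rpm_va() {
    cat <<'EOF'
.M.....T.  c /etc/cups/printers.conf
S.5....T.  c /etc/pam.d/login
missing    c /etc/securetty
.....UG..    /var/log/example dir/app.log
S.5....T.    /usr/bin/example-tool
EOF
}

# Demo: show only the rows worth reading first for a login problem.
sample_rpm_va | triage_rpm_va | login_suspects
```

On a real system, feed it the file written in step 3: 'triage_rpm_va < /tmp/files.to.check | login_suspects'.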
Subject: How can it be: cannot login as root when connected directly , but can login from other machines!
From: ibuprofin@painkiller.example.tld (Moe Trin)
Date: 9/8/2007 12:43:19 PM
On Sat, 08 Sep 2007, in the Usenet newsgroup comp.os.linux.setup, in article
<1189262638.451104.279530@o80g2000hse.googlegroups.com>, Ottavio Caruso wrote:
NOTE: Posting from groups.google.com (or some web-forums) dramatically
reduces the chance of your post being seen. Find a real news server.
>Moe Trin wrote:
>> On Thu, 06 Sep 2007, in the Usenet newsgroup comp.os.linux.setup, in article
>> <1189104898.984110.53080@22g2000hsm.googlegroups.com>, ianbrn@gmail.com wrote:
>>
>> NOTE: Posting from groups.google.com (or some web-forums) dramatically
>> reduces the chance of your post being seen. Find a real news server.
My news reader is configured to include that note when I respond to a
Usenet article posted from groups.google.com.
>Rubbish! Explain that!
1. Point your browser at this group, and read the article "A new reader?
Welcome to comp.os.linux.setup, read this first if you're new here (FAQ)"
specifically section 'iv)'.
2. Point your browser at the Usenet newsgroup 'comp.os.linux.misc' and
note the ~120 articles posted between ~14:00 UTC Friday and ~14:00 UTC
Saturday. I don't know about you, but I fail to see where advertisements
for athletic shoes, pr0n sites, and windoze viruses are exactly related
to Linux.
3. Point your browser at the Usenet newsgroup 'news.software.readers' and
note the discussions there relating to groups.google.com.
4. Point your browser at the Usenet newsgroup 'alt.os.linux' and note the
discussions there relating to groups.google.com.
You are entitled to your own opinion. _ALL_ complaints to
'groups-abuse@google.com' are answered by an ignore-bot, and the abuse
continues. Now, I could (and did) insert rules into my news reader
killfile to block that trash - and the rules got rather excessive.
[compton ~]$ grep -vE '^([%\[ ]|Score|$)' /var/spool/slrnpull/score |
cut -d' ' -f1 | sort | uniq -c | column
896 From: 7 Message-ID: 79 Xref:
2 Lines: 282 Subject: 2 ~Subject:
[compton ~]$
So, like many, I've replaced a bunch of rules for the comp.os.linux.misc
newsgroup with one:
Message-ID: googlegroups.com
with the result
comp.os.linux.misc: 110/110 (47 killed)
That was what the download looked like at 14:02 UTC Saturday. You may
find different results. Some have gone so far as to make that a blanket
rule applying to all groups. In my case, I'm only applying the rule to
six groups (out of the 84 I try to at least scan daily). You seem to be
posting from IP space owned by Demon Internet, and they even have their
own news server. For others who aren't as lucky, there are free (as in
"no cost") news servers with better abuse control than google, as well
as a large number of low cost commercial news servers. A fair number
of them even offer 'web' interface if for some bizarre reason that is
the only access you have to the Internet. It's your choice.
Old guy
Subject: How can it be: cannot login as root when connected directly , but can login from other machines!
From: John Thompson
Date: 9/8/2007 3:58:22 PM
On 2007-09-08, Ottavio Caruso <pr0f3ss0r1492@yahoo.com> wrote:
> Moe Trin wrote:
>> On Thu, 06 Sep 2007, in the Usenet newsgroup comp.os.linux.setup, in article
>> <1189104898.984110.53080@22g2000hsm.googlegroups.com>, ianbrn@gmail.com wrote:
>>
>> NOTE: Posting from groups.google.com (or some web-forums) dramatically
>> reduces the chance of your post being seen. Find a real news server.
> Rubbish! Explain that!
Google Groups has an extremely poor signal to noise ratio; a huge
proportion of the spam seen on Usenet can be traced back to Google
Groups. So much so that many people (not me, yet -- although I've been
sorely tempted many times) explicitly filter out articles originating
from Google Groups.
--
John (john@os2.dhs.org)
Subject: How can it be: cannot login as root when connected directly , but can login from other machines!
From: ibuprofin@painkiller.example.tld (Moe Trin)
Date: 9/8/2007 7:58:46 PM
On Sat, 08 Sep 2007, in the Usenet newsgroup comp.os.linux.setup, in article
<4F24AE45D4%news@youmustbejoking.demon.cu.invalid>, Darren Salt wrote:
>[snip; in reply to Ottavio Caruso]
>> You seem to be posting from IP space owned by Demon Internet, and they
>> even have their own news server.
>
>... but Usenet access via Demon's server isn't listed as part of their
>Home 8000 offering, whereas it is for their Home/Office and Business
>offerings. I have no idea whether it's actually accessible by people
>using Home 8000, though.
Some ISPs seem to think it's not important (aol.com, Bharti, Reliance,
and VSNL being examples which cause their "users" to post from google)
but even .163.net in China has a server, and I've seen it used by their
customers. None-the-less, as I continued
]] For others who aren't as lucky, there are free (as in "no cost")
]] news servers with better abuse control than google, as well as a
]] large number of low cost commercial news servers. A fair number
]] of them even offer 'web' interface if for some bizarre reason that
]] is the only access you have to the Internet.
Some of the "free" servers (and web-forums that are porting Usenet)
don't have the best reputation (and therefore may be killfiled by some),
but they are _usually_ better than google.
It doesn't have to take a lot of hardware, bandwidth, or effort to
setup and run a news server. The "official" Big Eight newsgroups
(comp.*, humanities.*, misc.*, news.*, rec.*, sci.*, soc.*, and
talk.*) only total 2276 groups as of the 15th of August (see the
post "List of Big Eight Newsgroups" posted to news.announce.newgroups,
news.groups, and news.lists.misc on the 15th of each month), and even
that list is getting smaller as the Big Eight managers are deleting
"dead" groups. Actually, one of the ISPs I have access to seems to
be carrying "anything you want - just ask for it", and the few times
I've looked at it, I think it's a *nix server running leafnode and
admin'ed by the owner's son.
Old guy