# [Solved] Problem beim User Login

## Child_of_Sun_24

Hi @all

wenn ich versuche mich als normaler Benutzer anzumelden kommt da die Fehlermeldung:

Vita ~ # su aries

Kann /bin/bash nicht ausführen: Keine Berechtigung

Das selbe kommt beim normalen Login, in /var/log/everything/current steht auch nur:

Jun 16 20:56:44 [su] Successful su for aries by root

Jun 16 20:56:44 [su] + pts/0 root:aries

Jun 16 20:56:44 [su] pam_unix(su:session): session opened for user aries by root(uid=0)

Jun 16 20:56:44 [su] pam_unix(su:session): session closed for user aries

Irgendwie Komisch das ganze, habe von einer 2007.0er stage3 neu installiert, hatte diverse Problem mit Portage 2.1.3_rc2, nachdem ich dann Portage Version 2.1.2.7  Installiert hatte waren diese Probs aber auch beseitigt  (Es gab Probleme mit Dateizugriffsrechten, oder er hat bestimmte Dateien gar nicht erst emerged).

Naja jetzt müsste eigentlich alles klappen, also habe ich nen Benutzer angelegt und als ich mich anmelden wollte kam dieser Fehler, ich habe die Zugriffsrechte von /bin/bash auf 777 geändert, ohne veränderung auch mit 755 läuft es nicht, immer der selbe Fehler, ch weiß nicht mehr weiter im Forum gab es zwar ähnliche Probleme aber keine Lösung hat geholfen, ich hoffe irgend jemand von euch weiß weiter.

Danke schonmal,

CoS24Last edited by Child_of_Sun_24 on Sun Jun 17, 2007 6:47 am; edited 1 time in total

----------

## Child_of_Sun_24

Habe jetzt mal die zsh probeweise installiert, es taucht das selbe Problem auf, und wieder nichts aufschlussreiches in den Logs, allerdings kann ich den User aries auch nicht löschen weil er angeblich angemeldet ist, komisch das ganze.

CoS24

----------

## gabelhonz

Hi,

passiert das ganze nur in Verbindung mit su oder auch bei einem normalen login an den ttys.

wenn ich su ausführe mach ich das so: 

```
su - user
```

 Das - damit die Umgebungsvariablen mitübernommen werden.

Eventuell fehlen die PATH Variablen. Kein plan sonst probier es mit strace vorne weg und guck was passiert.

grüße

----------

## Child_of_Sun_24

Es passiert auch beim normalen Login und welche Shell ich ihm angebe ist völlig egal, er findet ja /bin/bash kann es nur nicht ausführen, denke das das Problem aber nicht bei /bin/bash liegt sondern bei dem Befehl der /bin/bash ausführen soll.

Mit strace habe ich noch keine erfahrung, werded mich mal reinarbeiten.

CoS24

----------

## Child_of_Sun_24

Ich kann mit dem strace Output leider nichts anfangen, ich kopiere ihn mal hier rein:

execve("/bin/su", ["su", "aries"], [/* 58 vars */]) = 0

brk(0)                                  = 0x50b000

mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7d3a1000

uname({sys="Linux", node="Vita", ...})  = 0

access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)

open("/etc/ld.so.cache", O_RDONLY)      = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=53469, ...}) = 0

mmap(NULL, 53469, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3a2000

close(3)                                = 0

open("/lib/libcrypt.so.1", O_RDONLY)    = 3

read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300\v\0"..., 832) = 832

fstat(3, {st_mode=S_IFREG|0755, st_size=22984, ...}) = 0

mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7d3b0000

mmap(NULL, 1257888, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2b4d7d4a3000

mprotect(0x2b4d7d4a8000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7d5a7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x2b4d7d5a7000

mmap(0x2b4d7d5a9000, 184736, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b4d7d5a9000

close(3)                                = 0

open("/lib/libpam.so.0", O_RDONLY)      = 3

read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p#\0\0\0"..., 832) = 832

fstat(3, {st_mode=S_IFREG|0755, st_size=51280, ...}) = 0

mmap(NULL, 1097160, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2b4d7d5d7000

mprotect(0x2b4d7d5e3000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7d6e2000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x2b4d7d6e2000

close(3)                                = 0

open("/lib/libpam_misc.so.0", O_RDONLY) = 3

read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\20\0"..., 832) = 832

fstat(3, {st_mode=S_IFREG|0755, st_size=11688, ...}) = 0

mmap(NULL, 1058232, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2b4d7d6e3000

mprotect(0x2b4d7d6e6000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7d7e5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x2b4d7d7e5000

close(3)                                = 0

open("/lib/libc.so.6", O_RDONLY)        = 3

read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\324\1\0"..., 832) = 832

fstat(3, {st_mode=S_IFREG|0755, st_size=1318352, ...}) = 0

mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7d7e6000

mmap(NULL, 2334920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2b4d7d7e7000

mprotect(0x2b4d7d918000, 1048576, PROT_NONE) = 0

mmap(0x2b4d7da18000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x131000) = 0x2b4d7da18000

mmap(0x2b4d7da1d000, 16584, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b4d7da1d000

close(3)                                = 0

open("/lib/libdl.so.2", O_RDONLY)       = 3

read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\20\0"..., 832) = 832

fstat(3, {st_mode=S_IFREG|0755, st_size=15112, ...}) = 0

mmap(NULL, 1061152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2b4d7da22000

mprotect(0x2b4d7da24000, 1048576, PROT_NONE) = 0

mmap(0x2b4d7db24000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x2b4d7db24000

close(3)                                = 0

mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db26000

mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db27000

arch_prctl(ARCH_SET_FS, 0x2b4d7db26ae0) = 0

mprotect(0x2b4d7da18000, 12288, PROT_READ) = 0

mprotect(0x2b4d7d4a1000, 4096, PROT_READ) = 0

munmap(0x2b4d7d3a2000, 53469)           = 0

brk(0)                                  = 0x50b000

brk(0x52c000)                           = 0x52c000

open("/usr/lib64/locale/locale-archive", O_RDONLY) = -1 ENOENT (No such file or directory)

open("/usr/share/locale/locale.alias", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=2586, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7d3b1000

read(3, "# Locale name alias data base.\n#"..., 65536) = 2586

read(3, "", 65536)                      = 0

close(3)                                = 0

munmap(0x2b4d7d3b1000, 65536)           = 0

open("/usr/lib64/locale/de_DE.utf8/LC_IDENTIFICATION", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=375, ...}) = 0

mmap(NULL, 375, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3b1000

close(3)                                = 0

open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=25462, ...}) = 0

mmap(NULL, 25462, PROT_READ, MAP_SHARED, 3, 0) = 0x2b4d7d3b2000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_MEASUREMENT", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=23, ...}) = 0

mmap(NULL, 23, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3b9000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_TELEPHONE", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=56, ...}) = 0

mmap(NULL, 56, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3ba000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_ADDRESS", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=159, ...}) = 0

mmap(NULL, 159, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3bb000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_NAME", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=83, ...}) = 0

mmap(NULL, 83, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3bc000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_PAPER", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=34, ...}) = 0

mmap(NULL, 34, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3bd000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_MESSAGES", O_RDONLY) = 3

fstat(3, {st_mode=S_IFDIR|0755, st_size=3, ...}) = 0

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_MESSAGES/SYS_LC_MESSAGES", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=54, ...}) = 0

mmap(NULL, 54, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3be000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_MONETARY", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=294, ...}) = 0

mmap(NULL, 294, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3bf000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_COLLATE", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=880086, ...}) = 0

mmap(NULL, 880086, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d3c0000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_TIME", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=2354, ...}) = 0

mmap(NULL, 2354, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d497000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_NUMERIC", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=54, ...}) = 0

mmap(NULL, 54, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7d498000

close(3)                                = 0

open("/usr/lib64/locale/de_DE.utf8/LC_CTYPE", O_RDONLY) = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=238624, ...}) = 0

mmap(NULL, 238624, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7db28000

close(3)                                = 0

getuid()                                = 0

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

readlink("/proc/self/fd/0", "/dev/pts/1", 4095) = 10

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

readlink("/proc/self/fd/0", "/dev/pts/1", 511) = 10

access("/var/run/utmpx", F_OK)          = -1 ENOENT (No such file or directory)

open("/var/run/utmp", O_RDWR)           = 3

fcntl(3, F_GETFD)                       = 0

fcntl(3, F_SETFD, FD_CLOEXEC)           = 0

lseek(3, 0, SEEK_SET)                   = 0

alarm(0)                                = 0

rt_sigaction(SIGALRM, {0x2b4d7d8d3710, [], SA_RESTORER, 0x2b4d7d816940}, {SIG_DFL},  :Cool:  = 0

alarm(1)                                = 0

fcntl(3, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0

read(3, "\10\0\0\0\315\4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\2\0\0\0\0\0\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0001\r\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\263\23\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\240\26\0\0tty1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\241\26\0\0tty2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\242\26\0\0tty3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\243\26\0\0tty4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\244\26\0\0tty5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\245\26\0\0tty6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\177\31\0\0pts/0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0002|\0\0pts/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

fcntl(3, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0

alarm(0)                                = 1

rt_sigaction(SIGALRM, {SIG_DFL}, NULL,  :Cool:  = 0

close(3)                                = 0

getuid()                                = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 3

fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=3, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

sendto(3, "\2\0\0\0\v\0\0\0\7\0\0\0passwd\0}", 20, MSG_NOSIGNAL, NULL, 0) = 20

poll([{fd=3, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1

recvmsg(3, 0x7fff2d722270, 0)           = -1 ECONNRESET (Connection reset by peer)

close(3)                                = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 3

fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=3, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

writev(3, [{"\2\0\0\0\0\0\0\0\5\0\0\0", 12}, {"root\0", 5}], 2) = 17

poll([{fd=3, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1

read(3, "\2\0\0\0\1\0\0\0\5\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0\5\0\0"..., 36) = 36

read(3, "root\0x\0root\0/root\0/bin/bash\0", 2 :Cool:  = 28

close(3)                                = 0

stat("/etc/pam.d", {st_mode=S_IFDIR|0755, st_size=38, ...}) = 0

open("/etc/pam.d/su", O_RDONLY)         = 3

fstat(3, {st_mode=S_IFREG|0755, st_size=1059, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db63000

read(3, "#%PAM-1.0\n\nauth       sufficient"..., 65536) = 1059

open("/lib64/security/pam_rootok.so", O_RDONLY) = 4

read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\6\0\0"..., 832) = 832

fstat(4, {st_mode=S_IFREG|0755, st_size=5136, ...}) = 0

mmap(NULL, 1051752, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b4d7db73000

mprotect(0x2b4d7db74000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7dc73000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0) = 0x2b4d7dc73000

close(4)                                = 0

open("/lib64/security/pam_wheel.so", O_RDONLY) = 4

read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\t\0"..., 832) = 832

fstat(4, {st_mode=S_IFREG|0755, st_size=7864, ...}) = 0

mmap(NULL, 1054480, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b4d7dc74000

mprotect(0x2b4d7dc76000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7dd75000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x1000) = 0x2b4d7dd75000

close(4)                                = 0

open("/etc/pam.d/system-auth", O_RDONLY) = 4

fstat(4, {st_mode=S_IFREG|0644, st_size=447, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7dd76000

read(4, "#%PAM-1.0\n\nauth       required\tp"..., 65536) = 447

open("/lib64/security/pam_env.so", O_RDONLY) = 5

read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\f\0\0"..., 832) = 832

fstat(5, {st_mode=S_IFREG|0755, st_size=13032, ...}) = 0

mmap(NULL, 1059648, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x2b4d7dd86000

mprotect(0x2b4d7dd89000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7de88000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x2000) = 0x2b4d7de88000

close(5)                                = 0

open("/lib64/security/pam_unix.so", O_RDONLY) = 5

read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340%\0\0"..., 832) = 832

fstat(5, {st_mode=S_IFREG|0755, st_size=50256, ...}) = 0

mmap(NULL, 1145736, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x2b4d7de89000

mprotect(0x2b4d7de95000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7df94000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0xb000) = 0x2b4d7df94000

mmap(0x2b4d7df95000, 48008, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b4d7df95000

close(5)                                = 0

open("/etc/ld.so.cache", O_RDONLY)      = 5

fstat(5, {st_mode=S_IFREG|0644, st_size=53469, ...}) = 0

mmap(NULL, 53469, PROT_READ, MAP_PRIVATE, 5, 0) = 0x2b4d7dfa1000

close(5)                                = 0

open("/lib/libcrack.so.2", O_RDONLY)    = 5

read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20:\0\0"..., 832) = 832

fstat(5, {st_mode=S_IFREG|0755, st_size=38880, ...}) = 0

mmap(NULL, 1100320, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x2b4d7dfaf000

mprotect(0x2b4d7dfb7000, 1048576, PROT_NONE) = 0

mmap(0x2b4d7e0b7000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x8000) = 0x2b4d7e0b7000

mmap(0x2b4d7e0b8000, 14880, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b4d7e0b8000

close(5)                                = 0

open("/lib/libnsl.so.1", O_RDONLY)      = 5

read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260E\0\0"..., 832) = 832

fstat(5, {st_mode=S_IFREG|0755, st_size=82248, ...}) = 0

mmap(NULL, 1137008, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x2b4d7e0bc000

mprotect(0x2b4d7e0cf000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7e1ce000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x12000) = 0x2b4d7e1ce000

mmap(0x2b4d7e1d0000, 6512, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b4d7e1d0000

close(5)                                = 0

munmap(0x2b4d7dfa1000, 53469)           = 0

open("/lib64/security/pam_deny.so", O_RDONLY) = 5

read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\5\0"..., 832) = 832

fstat(5, {st_mode=S_IFREG|0755, st_size=4496, ...}) = 0

mmap(NULL, 1051184, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x2b4d7e1d2000

mprotect(0x2b4d7e1d3000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7e2d2000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0) = 0x2b4d7e2d2000

close(5)                                = 0

read(4, "", 65536)                      = 0

close(4)                                = 0

munmap(0x2b4d7dd76000, 65536)           = 0

open("/etc/pam.d/system-auth", O_RDONLY) = 4

fstat(4, {st_mode=S_IFREG|0644, st_size=447, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7dd76000

read(4, "#%PAM-1.0\n\nauth       required\tp"..., 65536) = 447

read(4, "", 65536)                      = 0

close(4)                                = 0

munmap(0x2b4d7dd76000, 65536)           = 0

open("/etc/pam.d/system-auth", O_RDONLY) = 4

fstat(4, {st_mode=S_IFREG|0644, st_size=447, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7dd76000

read(4, "#%PAM-1.0\n\nauth       required\tp"..., 65536) = 447

open("/lib64/security/pam_cracklib.so", O_RDONLY) = 5

read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\16\0"..., 832) = 832

fstat(5, {st_mode=S_IFREG|0755, st_size=12608, ...}) = 0

mmap(NULL, 1075648, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x2b4d7e2d3000

mprotect(0x2b4d7e2d6000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7e3d5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x2000) = 0x2b4d7e3d5000

mmap(0x2b4d7e3d6000, 14784, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b4d7e3d6000

close(5)                                = 0

read(4, "", 65536)                      = 0

close(4)                                = 0

munmap(0x2b4d7dd76000, 65536)           = 0

open("/etc/pam.d/system-auth", O_RDONLY) = 4

fstat(4, {st_mode=S_IFREG|0644, st_size=447, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7dd76000

read(4, "#%PAM-1.0\n\nauth       required\tp"..., 65536) = 447

open("/lib64/security/pam_limits.so", O_RDONLY) = 5

read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\20\0"..., 832) = 832

fstat(5, {st_mode=S_IFREG|0755, st_size=15176, ...}) = 0

mmap(NULL, 1061712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x2b4d7e3da000

mprotect(0x2b4d7e3dd000, 1048576, PROT_NONE) = 0

mmap(0x2b4d7e4dd000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x3000) = 0x2b4d7e4dd000

close(5)                                = 0

read(4, "", 65536)                      = 0

close(4)                                = 0

munmap(0x2b4d7dd76000, 65536)           = 0

open("/lib64/security/pam_xauth.so", O_RDONLY) = 4

read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240\26\0"..., 832) = 832

fstat(4, {st_mode=S_IFREG|0755, st_size=18032, ...}) = 0

mmap(NULL, 1064648, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b4d7e4de000

mprotect(0x2b4d7e4e2000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7e5e1000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3000) = 0x2b4d7e5e1000

close(4)                                = 0

read(3, "", 65536)                      = 0

close(3)                                = 0

munmap(0x2b4d7db63000, 65536)           = 0

open("/etc/pam.d/other", O_RDONLY)      = 3

fstat(3, {st_mode=S_IFREG|0755, st_size=139, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db63000

read(3, "#%PAM-1.0\n\nauth       required\tp"..., 65536) = 139

read(3, "", 65536)                      = 0

close(3)                                = 0

munmap(0x2b4d7db63000, 65536)           = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 3

fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=3, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

writev(3, [{"\2\0\0\0\0\0\0\0\6\0\0\0", 12}, {"aries\0", 6}], 2) = 18

poll([{fd=3, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1

read(3, "\2\0\0\0\1\0\0\0\6\0\0\0\2\0\0\0\350\3\0\0\350\3\0\0\1"..., 36) = 36

read(3, "aries\0x\0\0/home/aries\0/bin/bash\0", 31) = 31

close(3)                                = 0

open("/etc/shells", O_RDONLY)           = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=118, ...}) = 0

fstat(3, {st_mode=S_IFREG|0644, st_size=118, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db63000

read(3, "# /etc/shells: valid login shell"..., 65536) = 118

read(3, "", 65536)                      = 0

close(3)                                = 0

munmap(0x2b4d7db63000, 65536)           = 0

rt_sigaction(SIGINT, {SIG_IGN}, {SIG_DFL},  :Cool:  = 0

rt_sigaction(SIGQUIT, {SIG_IGN}, {SIG_DFL},  :Cool:  = 0

getuid()                                = 0

getuid()                                = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 3

fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=3, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

writev(3, [{"\2\0\0\0\0\0\0\0\6\0\0\0", 12}, {"aries\0", 6}], 2) = 18

poll([{fd=3, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1

read(3, "\2\0\0\0\1\0\0\0\6\0\0\0\2\0\0\0\350\3\0\0\350\3\0\0\1"..., 36) = 36

read(3, "aries\0x\0\0/home/aries\0/bin/bash\0", 31) = 31

close(3)                                = 0

open("/etc/nsswitch.conf", O_RDONLY)    = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=508, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db63000

read(3, "# /etc/nsswitch.conf:\n# $Header:"..., 65536) = 508

read(3, "", 65536)                      = 0

close(3)                                = 0

munmap(0x2b4d7db63000, 65536)           = 0

open("/etc/ld.so.cache", O_RDONLY)      = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=53469, ...}) = 0

mmap(NULL, 53469, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7db63000

close(3)                                = 0

open("/lib/libnss_compat.so.2", O_RDONLY) = 3

read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\26\0"..., 832) = 832

fstat(3, {st_mode=S_IFREG|0755, st_size=31760, ...}) = 0

mmap(NULL, 1078504, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2b4d7e5e2000

mprotect(0x2b4d7e5e9000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7e6e8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x2b4d7e6e8000

close(3)                                = 0

munmap(0x2b4d7db63000, 53469)           = 0

open("/etc/ld.so.cache", O_RDONLY)      = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=53469, ...}) = 0

mmap(NULL, 53469, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b4d7db63000

close(3)                                = 0

open("/lib/libnss_nis.so.2", O_RDONLY)  = 3

read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20$\0\0"..., 832) = 832

fstat(3, {st_mode=S_IFREG|0755, st_size=39984, ...}) = 0

mmap(NULL, 1086680, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2b4d7e6ea000

mprotect(0x2b4d7e6f3000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7e7f2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x2b4d7e7f2000

close(3)                                = 0

open("/lib/libnss_files.so.2", O_RDONLY) = 3

read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240#\0\0"..., 832) = 832

fstat(3, {st_mode=S_IFREG|0755, st_size=43960, ...}) = 0

mmap(NULL, 1090888, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2b4d7e7f4000

mprotect(0x2b4d7e7fe000, 1044480, PROT_NONE) = 0

mmap(0x2b4d7e8fd000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9000) = 0x2b4d7e8fd000

close(3)                                = 0

munmap(0x2b4d7db63000, 53469)           = 0

open("/etc/shadow", O_RDONLY)           = 3

fcntl(3, F_GETFD)                       = 0

fcntl(3, F_SETFD, FD_CLOEXEC)           = 0

lseek(3, 0, SEEK_CUR)                   = 0

fstat(3, {st_mode=S_IFREG|0600, st_size=483, ...}) = 0

mmap(NULL, 483, PROT_READ, MAP_SHARED, 3, 0) = 0x2b4d7db63000

lseek(3, 483, SEEK_SET)                 = 483

munmap(0x2b4d7db63000, 483)             = 0

close(3)                                = 0

rt_sigaction(SIGINT, {SIG_DFL}, {SIG_IGN},  :Cool:  = 0

rt_sigaction(SIGQUIT, {SIG_DFL}, {SIG_IGN},  :Cool:  = 0

open("/etc/login.defs", O_RDONLY)       = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=8869, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db63000

read(3, "#\n# /etc/login.defs - Configurat"..., 65536) = 8869

read(3, "", 65536)                      = 0

close(3)                                = 0

munmap(0x2b4d7db63000, 65536)           = 0

open("/etc/localtime", O_RDONLY)        = 3

fstat(3, {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

fstat(3, {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db63000

read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10\0\0\0\10\0"..., 65536) = 2295

close(3)                                = 0

munmap(0x2b4d7db63000, 65536)           = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

getpid()                                = 10770

socket(PF_FILE, SOCK_DGRAM, 0)          = 3

fcntl(3, F_SETFD, FD_CLOEXEC)           = 0

connect(3, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0

sendto(3, "<86>Jun 17 07:13:52 su[10770]: S"..., 62, MSG_NOSIGNAL, NULL, 0) = 62

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

sendto(3, "<86>Jun 17 07:13:52 su[10770]: +"..., 49, MSG_NOSIGNAL, NULL, 0) = 49

setgid(1000)                            = 0

open("/proc/sys/kernel/ngroups_max", O_RDONLY) = 4

read(4, "65536\n", 31)                  = 6

close(4)                                = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 4

fcntl(4, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=4, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

sendto(4, "\2\0\0\0\f\0\0\0\6\0\0\0group\0r-", 20, MSG_NOSIGNAL, NULL, 0) = 20

poll([{fd=4, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1

recvmsg(4, 0x7fff2d7222b0, 0)           = -1 ECONNRESET (Connection reset by peer)

close(4)                                = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 4

fcntl(4, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=4, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

writev(4, [{"\2\0\0\0\17\0\0\0\6\0\0\0", 12}, {"aries\0", 6}], 2) = 18

poll([{fd=4, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1

read(4, "\2\0\0\0\1\0\0\0\4\0\0\0", 12) = 12

read(4, "\n\0\0\0\22\0\0\0\33\0\0\0d\0\0\0", 16) = 16

close(4)                                = 0

setgroups(5, [10, 18, 27, 100, 1000])   = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 4

fcntl(4, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=4, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

writev(4, [{"\2\0\0\0\0\0\0\0\6\0\0\0", 12}, {"aries\0", 6}], 2) = 18

poll([{fd=4, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1

read(4, "\2\0\0\0\1\0\0\0\6\0\0\0\2\0\0\0\350\3\0\0\350\3\0\0\1"..., 36) = 36

read(4, "aries\0x\0\0/home/aries\0/bin/bash\0", 31) = 31

close(4)                                = 0

getrlimit(RLIMIT_CPU, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0

getrlimit(RLIMIT_FSIZE, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0

getrlimit(RLIMIT_DATA, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0

getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0

getrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=RLIM_INFINITY}) = 0

getrlimit(RLIMIT_RSS, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0

getrlimit(RLIMIT_NPROC, {rlim_cur=16375, rlim_max=16375}) = 0

getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0

getrlimit(RLIMIT_MEMLOCK, {rlim_cur=32*1024, rlim_max=32*1024}) = 0

getrlimit(RLIMIT_AS, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0

getrlimit(RLIMIT_LOCKS, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0

getrlimit(RLIMIT_SIGPENDING, {rlim_cur=16375, rlim_max=16375}) = 0

getrlimit(RLIMIT_MSGQUEUE, {rlim_cur=800*1024, rlim_max=800*1024}) = 0

getrlimit(RLIMIT_NICE, {rlim_cur=0, rlim_max=0}) = 0

getrlimit(RLIMIT_RTPRIO, {rlim_cur=0, rlim_max=0}) = 0

getpriority(PRIO_PROCESS, 0)            = 20

open("/etc/security/limits.conf", O_RDONLY) = 4

fstat(4, {st_mode=S_IFREG|0644, st_size=1802, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db63000

read(4, "# /etc/security/limits.conf\n#\n#E"..., 65536) = 1802

read(4, "", 65536)                      = 0

close(4)                                = 0

munmap(0x2b4d7db63000, 65536)           = 0

setpriority(PRIO_PROCESS, 0, 0)         = 0

getuid()                                = 0

access("/var/run/utmpx", F_OK)          = -1 ENOENT (No such file or directory)

open("/var/run/utmp", O_RDWR)           = 4

fcntl(4, F_GETFD)                       = 0

fcntl(4, F_SETFD, FD_CLOEXEC)           = 0

lseek(4, 0, SEEK_SET)                   = 0

alarm(0)                                = 0

rt_sigaction(SIGALRM, {0x2b4d7d8d3710, [], SA_RESTORER, 0x2b4d7d816940}, {SIG_DFL},  :Cool:  = 0

alarm(1)                                = 0

fcntl(4, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0

read(4, "\10\0\0\0\315\4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\2\0\0\0\0\0\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\10\0\0\0001\r\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\10\0\0\0\263\23\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\7\0\0\0\240\26\0\0tty1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\7\0\0\0\241\26\0\0tty2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\7\0\0\0\242\26\0\0tty3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\6\0\0\0\243\26\0\0tty4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\6\0\0\0\244\26\0\0tty5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\6\0\0\0\245\26\0\0tty6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\7\0\0\0\177\31\0\0pts/0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(4, "\7\0\0\0002|\0\0pts/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

fcntl(4, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0

alarm(0)                                = 1

rt_sigaction(SIGALRM, {SIG_DFL}, NULL,  :Cool:  = 0

close(4)                                = 0

getuid()                                = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

sendto(3, "<86>Jun 17 07:13:52 su[10770]: p"..., 97, MSG_NOSIGNAL, NULL, 0) = 97

open("/etc/security/pam_env.conf", O_RDONLY) = 4

fstat(4, {st_mode=S_IFREG|0644, st_size=2980, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db63000

read(4, "#\n# This is the configuration fi"..., 65536) = 2980

read(4, "", 65536)                      = 0

close(4)                                = 0

munmap(0x2b4d7db63000, 65536)           = 0

open("/etc/environment", O_RDONLY)      = 4

fstat(4, {st_mode=S_IFREG|0644, st_size=97, ...}) = 0

mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b4d7db63000

read(4, "#\n# This file is parsed by pam_e"..., 65536) = 97

read(4, "", 65536)                      = 0

close(4)                                = 0

munmap(0x2b4d7db63000, 65536)           = 0

access("/usr/bin/xauth", X_OK)          = 0

getuid()                                = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 4

fcntl(4, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=4, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

writev(4, [{"\2\0\0\0\1\0\0\0\2\0\0\0", 12}, {"0\0", 2}], 2) = 14

poll([{fd=4, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1

read(4, "\2\0\0\0\1\0\0\0\5\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0\5\0\0"..., 36) = 36

read(4, "root\0x\0root\0/root\0/bin/bash\0", 2 :Cool:  = 28

close(4)                                = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 4

fcntl(4, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=4, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

writev(4, [{"\2\0\0\0\0\0\0\0\6\0\0\0", 12}, {"aries\0", 6}], 2) = 18

poll([{fd=4, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1

read(4, "\2\0\0\0\1\0\0\0\6\0\0\0\2\0\0\0\350\3\0\0\350\3\0\0\1"..., 36) = 36

read(4, "aries\0x\0\0/home/aries\0/bin/bash\0", 31) = 31

close(4)                                = 0

getuid()                                = 0

socket(PF_FILE, SOCK_STREAM, 0)         = 4

fcntl(4, F_GETFL)                       = 0x2 (flags O_RDWR)

fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK)    = 0

connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0

poll([{fd=4, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1

writev(4, [{"\2\0\0\0\0\0\0\0\5\0\0\0", 12}, {"root\0", 5}], 2) = 17

poll([{fd=4, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1

read(4, "\2\0\0\0\1\0\0\0\5\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0\5\0\0"..., 36) = 36

read(4, "root\0x\0root\0/root\0/bin/bash\0", 2 :Cool:  = 28

close(4)                                = 0

geteuid()                               = 0

setfsuid(0)                             = 0

open("/root/.xauth/export", O_RDONLY)   = -1 ENOENT (No such file or directory)

setfsuid(0)                             = 0

setuid(1000)                            = 0

close(3)                                = 0

clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2b4d7db26b70) = 10771

--- SIGCHLD (Child exited) @ 0 (0) ---

rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], NULL,  :Cool:  = 0

rt_sigaction(SIGTERM, {0x4023f0, [], SA_RESTORER, 0x2b4d7d816940}, NULL,  :Cool:  = 0

rt_sigprocmask(SIG_UNBLOCK, [ALRM TERM], NULL,  :Cool:  = 0

wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 126}], WSTOPPED, NULL) = 10771

getuid()                                = 1000

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0

socket(PF_FILE, SOCK_DGRAM, 0)          = 3

fcntl(3, F_SETFD, FD_CLOEXEC)           = 0

connect(3, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0

sendto(3, "<86>Jun 17 07:13:52 su[10770]: p"..., 82, MSG_NOSIGNAL, NULL, 0) = 82

munmap(0x2b4d7db73000, 1051752)         = 0

munmap(0x2b4d7dc74000, 1054480)         = 0

munmap(0x2b4d7dd86000, 1059648)         = 0

munmap(0x2b4d7de89000, 1145736)         = 0

munmap(0x2b4d7e1d2000, 1051184)         = 0

munmap(0x2b4d7e2d3000, 1075648)         = 0

munmap(0x2b4d7dfaf000, 1100320)         = 0

munmap(0x2b4d7e3da000, 1061712)         = 0

munmap(0x2b4d7e4de000, 1064648)         = 0

exit_group(126)                         = ?

Hoffe jemand von euch kann damit was Anfangen.

CoS24

----------

## Child_of_Sun_24

Habe jetzt meinen Desktop in meine Samba-Ldap Domäne eingebunden, und habe versucht mich testweise mit einem User aus der Domäne anzumelden, es kommt der selbe Fehler.

CoS24

----------

## Child_of_Sun_24

Habe das Problem durch eine neu Installation gelöst, war mir alles zu umständlich und zu gefährlich die ganze Zeit nur mit root zu arbeiten, funktioniert jetzt.

CoS24

----------

