# [solved] su - funktioniert nicht _NICHT_ das wheel-prob

## 76062563

Hallo,

nach dem letzten emerge -vuD world und anschließendem etc-update habe ich folgendes Problem:

wenn ich auf der Konsole su - eintippe passiert:

```
bash-2.05b$ su -

Password:

Kann bash nicht ausführen: Datei oder Verzeichnis nicht gefunden
```

Ich kann mich allerdings auf der TTY1 als root einloggen (auf den andern wirds auch gehen ich habs noch nicht getestet). Wenn ich mich dort als normaler User (Jonny) einlogge und su - machen will kommt der selbe Fehler wie oben.

Ich denke mal dass ich versehendlich irgendeine config-Datei beim etc-update überschrieben habe.

Da ich leider absolut nicht weiss was ich tun soll habe ich einfach mal einen mir relevant erscheinenden Teil der /var/log/messages angehängt.

Ich habe bereits im Forum gesucht aber keinen passenden Eintrag gefunden, ich hoffe jemand von euch kann mir weiterhelfen, danke schonmal,

Gruß,

Jonny

```
Nov 14 23:07:32 nibbler PAM-env[7219]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:07:32 nibbler [7219]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:09:59 nibbler su(pam_unix)[7517]: authentication failure; logname=jonny uid=1000 euid=0 tty=pts/1 ruser=jonny rhost=  user=root

Nov 14 23:10:01 nibbler su[7517]: pam_authenticate: Authentication failure

Nov 14 23:10:09 nibbler su[7531]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:10:09 nibbler PAM-env[7531]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:10:09 nibbler su[7531]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:10:09 nibbler su(pam_unix)[7531]: session opened for user root by jonny(uid=1000)

Nov 14 23:10:09 nibbler su(pam_unix)[7531]: session closed for user root

Nov 14 23:10:19 nibbler su[7539]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:10:19 nibbler PAM-env[7539]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:10:19 nibbler su[7539]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:10:19 nibbler su(pam_unix)[7539]: session opened for user root by jonny(uid=1000)

Nov 14 23:10:19 nibbler su(pam_unix)[7539]: session closed for user root

Nov 14 23:10:30 nibbler su[7568]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:10:30 nibbler PAM-env[7568]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:10:30 nibbler su[7568]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:10:30 nibbler su(pam_unix)[7568]: session opened for user root by jonny(uid=1000)

Nov 14 23:10:30 nibbler su(pam_unix)[7568]: session closed for user root

Nov 14 23:10:40 nibbler su[7582]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:10:40 nibbler PAM-env[7582]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:10:40 nibbler su[7582]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:10:40 nibbler su(pam_unix)[7582]: session opened for user root by jonny(uid=1000)

Nov 14 23:10:40 nibbler su(pam_unix)[7582]: session closed for user root

Nov 14 23:10:57 nibbler su[7597]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:10:57 nibbler PAM-env[7597]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:10:57 nibbler su[7597]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:10:57 nibbler su(pam_unix)[7597]: session opened for user root by jonny(uid=1000)

Nov 14 23:10:57 nibbler su(pam_unix)[7597]: session closed for user root

Nov 14 23:11:46 nibbler nmbd[6908]: [2004/11/14 23:11:46, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)

Nov 14 23:11:46 nibbler nmbd[6908]:   *****

Nov 14 23:11:46 nibbler nmbd[6908]:   

Nov 14 23:11:46 nibbler nmbd[6908]:   Samba name server NIBBLER is now a local master browser for workgroup FUTURAMA on subnet 192.168.0.2

Nov 14 23:11:46 nibbler nmbd[6908]:   

Nov 14 23:11:46 nibbler nmbd[6908]:   *****

Nov 14 23:11:49 nibbler login[7055]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:11:49 nibbler PAM-env[7055]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:11:49 nibbler login[7055]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:11:49 nibbler login(pam_unix)[7055]: session opened for user root by (uid=0)

Nov 14 23:11:59 nibbler su[7680]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:11:59 nibbler PAM-env[7680]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:11:59 nibbler su[7680]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:11:59 nibbler su(pam_unix)[7680]: session opened for user root by jonny(uid=1000)

Nov 14 23:11:59 nibbler su(pam_unix)[7680]: session closed for user root

Nov 14 23:12:34 nibbler su[7720]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:12:34 nibbler PAM-env[7720]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:12:34 nibbler su[7720]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:12:34 nibbler su(pam_unix)[7720]: session opened for user root by jonny(uid=1000)

Nov 14 23:12:34 nibbler su(pam_unix)[7720]: session closed for user root

Nov 14 23:12:42 nibbler su(pam_unix)[7734]: authentication failure; logname=jonny uid=1000 euid=0 tty=pts/1 ruser=jonny rhost=  user=emi

Nov 14 23:12:44 nibbler su[7734]: pam_authenticate: Authentication failure

Nov 14 23:13:03 nibbler su[7755]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:13:03 nibbler PAM-env[7755]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:13:03 nibbler su[7755]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:13:03 nibbler su(pam_unix)[7755]: session opened for user root by jonny(uid=1000)

Nov 14 23:13:03 nibbler su(pam_unix)[7755]: session closed for user root

Nov 14 23:15:52 nibbler login[7055]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:15:52 nibbler PAM-env[7055]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:15:52 nibbler root[7055]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:15:52 nibbler login(pam_unix)[7055]: session closed for user root

Nov 14 23:15:58 nibbler login[7935]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:15:58 nibbler PAM-env[7935]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:15:58 nibbler login[7935]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:15:58 nibbler login(pam_unix)[7935]: session opened for user jonny by (uid=0)

Nov 14 23:16:04 nibbler su[7951]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:16:04 nibbler PAM-env[7951]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:16:04 nibbler su[7951]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:16:04 nibbler su(pam_unix)[7951]: session opened for user root by jonny(uid=1000)

Nov 14 23:16:04 nibbler su(pam_unix)[7951]: session closed for user root

Nov 14 23:16:23 nibbler su[7975]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:16:23 nibbler PAM-env[7975]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:16:23 nibbler su[7975]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:16:23 nibbler su(pam_unix)[7975]: session opened for user root by jonny(uid=1000)

Nov 14 23:16:23 nibbler su(pam_unix)[7975]: session closed for user root

Nov 14 23:16:34 nibbler login[7935]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:16:34 nibbler PAM-env[7935]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:16:34 nibbler jonny[7935]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:16:34 nibbler login(pam_unix)[7935]: session closed for user jonny

Nov 14 23:16:49 nibbler (jonny-8028): (Version 2.8.0.1) wird gestartet, Prozesskennung 8028, Benutzer »jonny«

Nov 14 23:16:49 nibbler (jonny-8028): Die Adresse »xml:readonly:/etc/gconf/gconf.xml.mandatory« wurde an der Position 0 zu einer nur lesbaren Konfigurationsquelle aufgelöst

Nov 14 23:16:49 nibbler (jonny-8028): Die Adresse »xml:readwrite:/home/jonny/.gconf« wurde an der Position 1 zu einer schreibbaren Konfigurationsquelle aufgelöst

Nov 14 23:16:49 nibbler (jonny-8028): Die Adresse »xml:readonly:/etc/gconf/gconf.xml.defaults« wurde an der Position 2 zu einer nur lesbaren Konfigurationsquelle aufgelöst

Nov 14 23:38:17 nibbler login[7998]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

Nov 14 23:38:17 nibbler PAM-env[7998]: Unknown PAM_ITEM: <XAUTHORITY>

Nov 14 23:38:17 nibbler login[7998]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

Nov 14 23:38:17 nibbler login(pam_unix)[7998]: session opened for user root by (uid=0)
```

Last edited by 76062563 on Wed Nov 17, 2004 7:22 pm; edited 2 times in total

----------

## Louisdor

Check mal Deine  /etc/security/pam_env.conf und kommentiere ggf. das XAUTHORITY aus.

In meiner /etc/group habe ich 

```
wheel::10:root,alex
```

 drin stehen. alex ist mein normaler User. Damit funktioniert auch su.

----------

## 76062563

Danke für die schnelle Antwort, leider hat das Auskommentieren nicht den gewünschten Erfolg gebracht   :Confused: 

Die /etc/group war vorher schon in Ordnung ich habe mich aber nochmal vergewissert, hier der Eintrag:

```
wheel:x:10:root,jonny
```

----------

## platinumviper

 *76062563 wrote:*   

> leider hat das Auskommentieren nicht den gewünschten Erfolg gebracht 

 

DISPLAY muss auch kommentiert werden.

platinumviper

----------

## 76062563

Ich habe jetzt  DISPLAY, XAUTHORITY und REMOTEHOST auskommentiert.

Meine /var/log/messages sieht jetzt so aus:

```
Nov 15 16:03:43 nibbler su(pam_unix)[8338]: session opened for user root by jonny(uid=1000)

Nov 15 16:03:43 nibbler su(pam_unix)[8338]: session closed for user root

Nov 15 16:03:49 nibbler su(pam_unix)[8343]: session opened for user root by jonny(uid=1000)

Nov 15 16:03:49 nibbler su(pam_unix)[8343]: session closed for user root

Nov 15 16:03:53 nibbler su(pam_unix)[8356]: session opened for user root by jonny(uid=1000)

Nov 15 16:03:54 nibbler su(pam_unix)[8356]: session closed for user root

Nov 15 16:03:57 nibbler su(pam_unix)[8361]: session opened for user root by jonny(uid=1000)

Nov 15 16:03:57 nibbler su(pam_unix)[8361]: session closed for user root

Nov 15 16:04:02 nibbler su(pam_unix)[8365]: session opened for user root by jonny(uid=1000)

Nov 15 16:04:02 nibbler su(pam_unix)[8365]: session closed for user root

Nov 15 16:04:06 nibbler su(pam_unix)[8378]: session opened for user root by jonny(uid=1000)

Nov 15 16:04:06 nibbler su(pam_unix)[8378]: session closed for user root
```

wenn ich in der Konsole su - machen möchte erhalte ich immer noch folgende Ausgabe:

```
bash-2.05b$ su -

Password:

Kann bash nicht ausführen: Datei oder Verzeichnis nicht gefunden

```

 :Confused: 

----------

## 76062563

Ich stelle grad fest dass ich mich nicht über SSH als root auf meinen Rechner einloggen kann, ich bekomme folgende Ausgabe:

```
 ssh 192.168.0.2

root@192.168.0.2's password:

Permission denied, please try again.

root@192.168.0.2's password:

Permission denied, please try again.

root@192.168.0.2's password:

Password:

Password:

Password:

Permission denied (publickey,password,keyboard-interactive).
```

In der /var/log/messages steht dann:

```
Nov 15 16:31:41 nibbler sshd[10227]: User root not allowed because shell bash does not exist

Nov 15 16:31:41 nibbler sshd[10227]: Failed none for illegal user root from 192.168.0.4 port 1025 ssh2

Nov 15 16:31:45 nibbler sshd[10227]: error: Could not get shadow information for NOUSER

Nov 15 16:31:45 nibbler sshd[10227]: Failed password for illegal user root from 192.168.0.4 port 1025 ssh2

Nov 15 16:31:53 nibbler sshd[10227]: Failed password for illegal user root from 192.168.0.4 port 1025 ssh2

Nov 15 16:32:11 nibbler sshd[10227]: Failed password for illegal user root from 192.168.0.4 port 1025 ssh2

Nov 15 16:32:15 nibbler sshd[10227]: Failed password for illegal user root from 192.168.0.4 port 1025 ssh2

Nov 15 16:32:22 nibbler sshd[10227]: Failed password for illegal user root from 192.168.0.4 port 1025 ssh2

Nov 15 16:33:13 nibbler spurious 8259A interrupt: IRQ7.

Nov 15 16:33:35 nibbler sshd[10227]: Failed password for illegal user root from 192.168.0.4 port 1025 ssh2

Nov 15 16:33:39 nibbler sshd[10360]: User root not allowed because shell bash does not exist

Nov 15 16:33:39 nibbler sshd[10360]: Failed none for illegal user root from 192.168.0.4 port 1026 ssh2

Nov 15 16:33:44 nibbler sshd[10360]: error: Could not get shadow information for NOUSER

Nov 15 16:33:44 nibbler sshd[10360]: Failed password for illegal user root from 192.168.0.4 port 1026 ssh2

Nov 15 16:34:24 nibbler sshd[10360]: Failed password for illegal user root from 192.168.0.4 port 1026 ssh2

Nov 15 16:34:28 nibbler sshd[10360]: Failed password for illegal user root from 192.168.0.4 port 1026 ssh2

Nov 15 16:34:32 nibbler sshd[10360]: Failed password for illegal user root from 192.168.0.4 port 1026 ssh2

Nov 15 16:34:36 nibbler sshd[10360]: Failed password for illegal user root from 192.168.0.4 port 1026 ssh2

Nov 15 16:34:40 nibbler sshd[10360]: Failed password for illegal user root from 192.168.0.4 port 1026 ssh2
```

Als "normaler" User (jonny) kann ich mich ohne Probleme einloggen.

----------

## Squiddle

ssh logging via root ist vielleicht ausgeschaltet (und das sollte auch so bleiben)

hier mal /etc/ssh/sshd_config:

```

#PermitRootLogin yes

```

auskommentieren und yes in no ändern, dann kannste auch als root. Aber wie gesagt machs nicht.

Das andere Problem, hast vielleicht die PATH angaben in deinem root profile verändert?

probier mal

```

su -c /bin/bash

```

und schau mit

```

env|grep -i path

```

nach wie die Pathvariablen aussehen.

----------

## 76062563

Root login über SSH ist erlaubt. Ich weiss dass man das normal nicht machen sollte aber ich habe keine direkte Verbindung ins Internet und so ist es etwas bequemer   :Laughing: 

Wenn ich 

```
su -c /bin/bash
```

versuche erhalte ich folgendes Ergebnis:

```
bash-2.05b$ whoami

jonny

bash-2.05b$ su -c /bin/bash

Password:

bash-2.05b$ whoami

jonny

bash-2.05b$

```

(whoami habe ich gemacht um mich zu vergewissern ob ich root bin oder nicht und leider bin es nicht  :Sad:   )

Diese Aktion bewirkt folgenden Eintrag in der /var/log/messages:

```
Nov 15 17:09:29 nibbler su(pam_unix)[12692]: session opened for user root by jonny(uid=1000)

Nov 15 17:09:29 nibbler su(pam_unix)[12692]: session closed for user root
```

```
env|grep -i path 
```

gibt folgendes aus:

```
bash-2.05b$ env|grep -i path

MANPATH=/usr/share/man:/usr/local/share/man:/usr/share/gcc-data/i686-pc-linux-gnu/3.3/man:/usr/share/man:/usr/local/share/man:/usr/share/gcc-data/i686-pc-linux-gnu/3.3/man::/opt/blackdown-jdk-1.4.1/man:/usr/qt/3/doc/man:/opt/blackdown-jdk-1.4.1/man:/usr/qt/3/doc/man

PATH=/usr/kde/3.3/bin:/bin:/usr/bin:/usr/local/bin:/opt/bin:/usr/i686-pc-linux-gnu/gcc-bin/3.3:/usr/X11R6/bin:/opt/blackdown-jdk-1.4.1/bin:/opt/blackdown-jdk-1.4.1/jre/bin:/usr/qt/3/bin:/usr/kde/3.3/bin:/usr/kde/3.2/bin:/usr/share/karamba/bin

CLASSPATH=.

INFOPATH=/usr/share/info:/usr/share/gcc-data/i686-pc-linux-gnu/3.3/info

bash-2.05b$
```

----------

## _hephaistos_

hmmm vielleicht hat es mit fehlendem pts support im kernel zu tun?

siehe zB: 

https://forums.gentoo.org/viewtopic.php?t=167518

also kernel config checken, ob

```

CONFIG_SERIAL_CORE=y

CONFIG_UNIX98_PTYS=y

CONFIG_LEGACY_PTYS=y

CONFIG_LEGACY_PTY_COUNT=256

```

vorhanden sind

hth,

ciao

----------

## 76062563

Nein. daran kanns nicht liegen ich hab den Kernel schon einige Wochen, das ganze ist erst nach einem etc-update passiert...

Aber trotzdem danke für deine Mühe   :Very Happy: 

----------

## Louisdor

Hm, baselayout schon mal neu gemacht?

----------

## 76062563

Ja grad eben hab ich

emerge bash baselayout

(stimmt doch so oder?) gemacht, danach ein etc-update, da hat er mir nur grinsend gesagt dass nichts zu tun wäre...

----------

## 76062563

Das Problem scheint nicht an der bash zu liegen, ich habe grad die shell auf korn gewechselt (für root), jetzt passiert folgendes:

```
bash-2.05b$ su -

Password:

Kann korn nicht ausführen: Datei oder Verzeichnis nicht gefunden
```

----------

## smg

downgrade auf die alte pam version, hats bei mir getan

mfg

----------

## 76062563

Hattest du das selbe Problem?

Soll ich dazu einfach die aktuelle Version in die package.mask eintragen?

----------

## smg

nein eine davor, also die version welche du zuvor benutzt hast  :Smile: 

----------

## 76062563

ja aber wenn ich die aktuelle maskiere nimmt er doch die davor oder?

----------

## smg

oh ja, sry, ich stand aufm schlauch hast vollkommen recht!  :Smile: 

mfg

----------

## 76062563

Ich habe jetzt sys-libs/pam-0.77 statt sys-libs/pam-0.77-r1 emerged, leider besteht das Problem unverändert weiter, weiss noch jemand Rat?

edit:

Nachdem das nicht geklappt hat habe ich die ~x86 maskierte Version von pam emerged, auch hier bleibt das Problem das selbe

----------

## 76062563

strace su - root (mit anschließend eingegebenem Passwort) bringt folgendes: 

```
bash-2.05b$ strace su - root

execve("/bin/su", ["su", "-", "root"], [/* 55 vars */]) = 0

brk(0)                                  = 0x8054000

open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or directory)

open("/etc/ld.so.cache", O_RDONLY)      = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=115915, ...}) = 0

old_mmap(NULL, 115915, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40017000

close(3)                                = 0

open("/lib/libcrypt.so.1", O_RDONLY)    = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\t\0"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=19468, ...}) = 0

old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40034000

old_mmap(NULL, 181564, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x40035000

old_mmap(0x4003a000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x4003a000

old_mmap(0x4003b000, 156988, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4003b000

close(3)                                = 0

open("/lib/libpam.so.0", O_RDONLY)      = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\25\0\000"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=29272, ...}) = 0

old_mmap(NULL, 30856, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x40062000

old_mmap(0x40069000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x40069000

close(3)                                = 0

open("/lib/libpam_misc.so.0", O_RDONLY) = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\16\0"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=9300, ...}) = 0

old_mmap(NULL, 11880, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4006a000

old_mmap(0x4006c000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x4006c000

close(3)                                = 0

open("/lib/libc.so.6", O_RDONLY)        = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0PU\1\000"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=1201760, ...}) = 0

old_mmap(NULL, 1128004, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4006d000

old_mmap(0x4017b000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10e000) = 0x4017b000

old_mmap(0x4017e000, 9796, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4017e000

close(3)                                = 0

open("/lib/libdl.so.2", O_RDONLY)       = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\34\0\000"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=10964, ...}) = 0

old_mmap(NULL, 8624, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x40181000

old_mmap(0x40183000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x40183000

close(3)                                = 0

old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40184000

munmap(0x40017000, 115915)              = 0

open("/dev/urandom", O_RDONLY)          = 3

read(3, "x\350\"\n", 4)                 = 4

close(3)                                = 0

open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=38392864, ...}) = 0

mmap2(NULL, 2097152, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40185000

mmap2(NULL, 28672, PROT_READ, MAP_PRIVATE, 3, 0x46c) = 0x40385000

brk(0)                                  = 0x8054000

brk(0x8075000)                          = 0x8075000

mmap2(NULL, 212992, PROT_READ, MAP_PRIVATE, 3, 0x48b) = 0x4038c000

mmap2(NULL, 4096, PROT_READ, MAP_PRIVATE, 3, 0x4c1) = 0x403c0000

close(3)                                = 0

getuid32()                              = 1000

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

readlink("/proc/self/fd/0", 0x8054930, 4095) = -1 EACCES (Permission denied)

fstat64(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

open("/dev/null", O_RDONLY|O_NONBLOCK|O_DIRECTORY) = -1 ENOTDIR (Not a directory)

open("/dev/pts", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3

fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

getdents64(3, /* 8 entries */, 1024)    = 192

stat64("/dev/pts/5", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

close(3)                                = 0

open("/etc/login.defs", O_RDONLY)       = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=3229, ...}) = 0

old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x403c1000

read(3, "#\n# /etc/login.defs - Configurat"..., 4096) = 3229

read(3, "", 4096)                       = 0

close(3)                                = 0

munmap(0x403c1000, 4096)                = 0

readlink("/proc/self/fd/0", 0xbffff3ac, 511) = -1 EACCES (Permission denied)

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

fstat64(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

stat64("/dev/pts/", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

open("/dev/pts/", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3

fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

getdents64(3, /* 8 entries */, 1024)    = 192

stat64("/dev/pts/5", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

close(3)                                = 0

access("/var/run/utmpx", F_OK)          = -1 ENOENT (No such file or directory)

open("/var/run/utmp", O_RDWR)           = -1 EACCES (Permission denied)

open("/var/run/utmp", O_RDONLY)         = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_SET)            = 0

alarm(0)                                = 0

rt_sigaction(SIGALRM, {0x40150890, [], 0}, {SIG_DFL}, 8) = 0

alarm(1)                                = 0

fcntl64(3, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0

read(3, "\10\0\0\0\352\24\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\271\30\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\t\34\0\0vc/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\220\33\0\0vc/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\221\33\0\0vc/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\222\33\0\0tty4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\223\33\0\0tty5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\224\33\0\0tty6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\225\33\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\333\33\0\0:0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0a\34\0\0pts/0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0@R\0\0pts/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\t\34\0\0tty1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\263T\0\0pts/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\17R\0\0pts/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\5W\0\0pts/4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\246^\0\0pts/5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

fcntl64(3, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0

alarm(0)                                = 1

rt_sigaction(SIGALRM, {SIG_DFL}, NULL, 8) = 0

close(3)                                = 0

getuid32()                              = 1000

socket(PF_UNIX, SOCK_STREAM, 0)         = 3

connect(3, {sa_family=AF_UNIX, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)

close(3)                                = 0

open("/etc/nsswitch.conf", O_RDONLY)    = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=498, ...}) = 0

old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x403c1000

read(3, "# /etc/nsswitch.conf:\n# $Header:"..., 4096) = 498

read(3, "", 4096)                       = 0

close(3)                                = 0

munmap(0x403c1000, 4096)                = 0

open("/etc/ld.so.cache", O_RDONLY)      = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=115915, ...}) = 0

old_mmap(NULL, 115915, PROT_READ, MAP_PRIVATE, 3, 0) = 0x403c1000

close(3)                                = 0

open("/lib/libnss_compat.so.2", O_RDONLY) = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0\22\0"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=27904, ...}) = 0

old_mmap(NULL, 30276, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x403de000

old_mmap(0x403e5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x403e5000

close(3)                                = 0

open("/lib/libnsl.so.1", O_RDONLY)      = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 <\0\000"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=76984, ...}) = 0

old_mmap(NULL, 85120, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x403e6000

old_mmap(0x403f8000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x11000) = 0x403f8000

old_mmap(0x403f9000, 7296, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x403f9000

close(3)                                = 0

munmap(0x403c1000, 115915)              = 0

open("/etc/ld.so.cache", O_RDONLY)      = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=115915, ...}) = 0

old_mmap(NULL, 115915, PROT_READ, MAP_PRIVATE, 3, 0) = 0x403c1000

close(3)                                = 0

open("/lib/libnss_nis.so.2", O_RDONLY)  = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\35\0"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=35944, ...}) = 0

old_mmap(NULL, 33636, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x403fb000

old_mmap(0x40403000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x40403000

close(3)                                = 0

open("/lib/libnss_files.so.2", O_RDONLY) = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\35\0\000"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=35752, ...}) = 0

old_mmap(NULL, 33712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x40404000

old_mmap(0x4040c000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x4040c000

close(3)                                = 0

munmap(0x403c1000, 115915)              = 0

open("/etc/passwd", O_RDONLY)           = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_CUR)            = 0

fstat64(3, {st_mode=S_IFREG|0644, st_size=1963, ...}) = 0

mmap2(NULL, 1963, PROT_READ, MAP_SHARED, 3, 0) = 0x403c1000

_llseek(3, 1963, [1963], SEEK_SET)      = 0

munmap(0x403c1000, 1963)                = 0

close(3)                                = 0

stat64("/etc/pam.d", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0

open("/etc/pam.d/su", O_RDONLY)         = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=1247, ...}) = 0

old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x403c1000

read(3, "#%PAM-1.0\n\nauth       sufficient"..., 4096) = 1247

open("/lib/security/pam_rootok.so", O_RDONLY) = 4

read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\6\0"..., 512) = 512

fstat64(4, {st_mode=S_IFREG|0755, st_size=4340, ...}) = 0

old_mmap(NULL, 6976, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x403c2000

old_mmap(0x403c3000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0) = 0x403c3000

close(4)                                = 0

open("/lib/security/pam_wheel.so", O_RDONLY) = 4

read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\r\0"..., 512) = 512

fstat64(4, {st_mode=S_IFREG|0755, st_size=11728, ...}) = 0

old_mmap(NULL, 14148, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x403c4000

old_mmap(0x403c7000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x2000) = 0x403c7000

close(4)                                = 0

open("/lib/security/pam_stack.so", O_RDONLY) = 4

read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\v\0\000"..., 512) = 512

fstat64(4, {st_mode=S_IFREG|0755, st_size=11364, ...}) = 0

old_mmap(NULL, 14000, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x403c8000

old_mmap(0x403cb000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x2000) = 0x403cb000

close(4)                                = 0

open("/lib/security/pam_xauth.so", O_RDONLY) = 4

read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\22"..., 512) = 512

fstat64(4, {st_mode=S_IFREG|0755, st_size=15460, ...}) = 0

old_mmap(NULL, 17864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x403cc000

old_mmap(0x403d0000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3000) = 0x403d0000

close(4)                                = 0

read(3, "", 4096)                       = 0

close(3)                                = 0

munmap(0x403c1000, 4096)                = 0

open("/etc/pam.d/other", O_RDONLY)      = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=198, ...}) = 0

old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x403c1000

read(3, "#%PAM-1.0\n\nauth       required\t/"..., 4096) = 198

open("/lib/security/pam_deny.so", O_RDONLY) = 4

read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\6\0"..., 512) = 512

fstat64(4, {st_mode=S_IFREG|0755, st_size=3776, ...}) = 0

old_mmap(NULL, 6460, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x403d1000

old_mmap(0x403d2000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0) = 0x403d2000

close(4)                                = 0

read(3, "", 4096)                       = 0

close(3)                                = 0

munmap(0x403c1000, 4096)                = 0

open("/etc/passwd", O_RDONLY)           = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_CUR)            = 0

fstat64(3, {st_mode=S_IFREG|0644, st_size=1963, ...}) = 0

mmap2(NULL, 1963, PROT_READ, MAP_SHARED, 3, 0) = 0x403c1000

_llseek(3, 1963, [1963], SEEK_SET)      = 0

munmap(0x403c1000, 1963)                = 0

close(3)                                = 0

time(NULL)                              = 1100639815

getuid32()                              = 1000

open("/etc/passwd", O_RDONLY)           = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_CUR)            = 0

fstat64(3, {st_mode=S_IFREG|0644, st_size=1963, ...}) = 0

mmap2(NULL, 1963, PROT_READ, MAP_SHARED, 3, 0) = 0x403c1000

_llseek(3, 1963, [1963], SEEK_SET)      = 0

munmap(0x403c1000, 1963)                = 0

close(3)                                = 0

getuid32()                              = 1000

open("/etc/passwd", O_RDONLY)           = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_CUR)            = 0

fstat64(3, {st_mode=S_IFREG|0644, st_size=1963, ...}) = 0

mmap2(NULL, 1963, PROT_READ, MAP_SHARED, 3, 0) = 0x403c1000

_llseek(3, 1963, [1963], SEEK_SET)      = 0

munmap(0x403c1000, 1963)                = 0

close(3)                                = 0

socket(PF_UNIX, SOCK_STREAM, 0)         = 3

connect(3, {sa_family=AF_UNIX, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)

close(3)                                = 0

open("/etc/group", O_RDONLY)            = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_CUR)            = 0

fstat64(3, {st_mode=S_IFREG|0644, st_size=797, ...}) = 0

mmap2(NULL, 797, PROT_READ, MAP_SHARED, 3, 0) = 0x403c1000

_llseek(3, 797, [797], SEEK_SET)        = 0

munmap(0x403c1000, 797)                 = 0

close(3)                                = 0

stat64("/etc/pam.d", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0

open("/etc/pam.d/system-auth", O_RDONLY) = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=491, ...}) = 0

old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x403c1000

read(3, "#%PAM-1.0\n\nauth       required\t/"..., 4096) = 491

open("/lib/security/pam_env.so", O_RDONLY) = 4

read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240\v\0"..., 512) = 512

fstat64(4, {st_mode=S_IFREG|0755, st_size=11228, ...}) = 0

old_mmap(NULL, 13864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x403d3000

old_mmap(0x403d6000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x2000) = 0x403d6000

close(4)                                = 0

open("/lib/security/pam_unix.so", O_RDONLY) = 4

read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360$\0"..., 512) = 512

fstat64(4, {st_mode=S_IFREG|0755, st_size=45768, ...}) = 0

old_mmap(NULL, 92600, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x4040d000

old_mmap(0x40417000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0xa000) = 0x40417000

old_mmap(0x40418000, 47544, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40418000

close(4)                                = 0

open("/lib/security/pam_cracklib.so", O_RDONLY) = 4

read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200!\0"..., 512) = 512

fstat64(4, {st_mode=S_IFREG|0755, st_size=36836, ...}) = 0

old_mmap(NULL, 64864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x40424000

old_mmap(0x4042c000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x8000) = 0x4042c000

old_mmap(0x4042d000, 28000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4042d000

close(4)                                = 0

open("/lib/security/pam_limits.so", O_RDONLY) = 4

read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\21"..., 512) = 512

fstat64(4, {st_mode=S_IFREG|0755, st_size=17424, ...}) = 0

old_mmap(NULL, 19704, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x40434000

old_mmap(0x40438000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3000) = 0x40438000

close(4)                                = 0

read(3, "", 4096)                       = 0

close(3)                                = 0

munmap(0x403c1000, 4096)                = 0

open("/etc/pam.d/other", O_RDONLY)      = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=198, ...}) = 0

old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x403c1000

read(3, "#%PAM-1.0\n\nauth       required\t/"..., 4096) = 198

read(3, "", 4096)                       = 0

close(3)                                = 0

munmap(0x403c1000, 4096)                = 0

getuid32()                              = 1000

open("/etc/passwd", O_RDONLY)           = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_CUR)            = 0

fstat64(3, {st_mode=S_IFREG|0644, st_size=1963, ...}) = 0

mmap2(NULL, 1963, PROT_READ, MAP_SHARED, 3, 0) = 0x403c1000

_llseek(3, 1963, [1963], SEEK_SET)      = 0

munmap(0x403c1000, 1963)                = 0

close(3)                                = 0

open("/etc/shadow", O_RDONLY)           = -1 EACCES (Permission denied)

open("/etc/shadow", O_RDONLY)           = -1 EACCES (Permission denied)

open("/etc/shadow", O_RDONLY)           = -1 EACCES (Permission denied)

open("/etc/shadow", O_RDONLY)           = -1 EACCES (Permission denied)

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

rt_sigprocmask(SIG_BLOCK, [INT TSTP], [RTMIN], 8) = 0

time([1100639815])                      = 1100639815

write(2, "Password: ", 10Password: )              = 10

ioctl(0, SNDCTL_TMR_CONTINUE or TCSETSF, {B38400 opost isig icanon -echo ...}) = 0

read(0, "dbjw6h73279\n", 511)           = 12

ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0

write(2, "\n", 1

)                       = 1

rt_sigprocmask(SIG_SETMASK, [RTMIN], NULL, 8) = 0

ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 opost isig icanon echo ...}) = 0

open("/etc/passwd", O_RDONLY)           = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_CUR)            = 0

fstat64(3, {st_mode=S_IFREG|0644, st_size=1963, ...}) = 0

mmap2(NULL, 1963, PROT_READ, MAP_SHARED, 3, 0) = 0x403c1000

_llseek(3, 1963, [1963], SEEK_SET)      = 0

munmap(0x403c1000, 1963)                = 0

close(3)                                = 0

open("/etc/shadow", O_RDONLY)           = -1 EACCES (Permission denied)

open("/etc/shadow", O_RDONLY)           = -1 EACCES (Permission denied)

open("/etc/shadow", O_RDONLY)           = -1 EACCES (Permission denied)

open("/etc/shadow", O_RDONLY)           = -1 EACCES (Permission denied)

geteuid32()                             = 1000

pipe([3, 4])                            = 0

rt_sigaction(SIGCHLD, {SIG_DFL}, {SIG_DFL}, 8) = 0

fork()                                  = 24245

write(4, "nullok\0\0", 8)               = 8

write(4, "dbjw6h73279\0", 12)           = 12

close(3)                                = 0

close(4)                                = 0

waitpid(24245, [WIFEXITED(s) && WEXITSTATUS(s) == 1], 0) = 24245

--- SIGCHLD (Child exited) @ 0 (0) ---

getuid32()                              = 1000

geteuid32()                             = 1000

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

readlink("/proc/self/fd/0", 0x8054930, 4095) = -1 EACCES (Permission denied)

fstat64(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

open("/dev/pts", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3

fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

getdents64(3, /* 8 entries */, 1024)    = 192

stat64("/dev/pts/5", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

close(3)                                = 0

access("/var/run/utmpx", F_OK)          = -1 ENOENT (No such file or directory)

open("/var/run/utmp", O_RDWR)           = -1 EACCES (Permission denied)

open("/var/run/utmp", O_RDONLY)         = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_SET)            = 0

alarm(0)                                = 0

rt_sigaction(SIGALRM, {0x40150890, [], 0}, {SIG_DFL}, 8) = 0

alarm(1)                                = 0

fcntl64(3, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0

read(3, "\10\0\0\0\352\24\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\271\30\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\t\34\0\0vc/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\220\33\0\0vc/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\221\33\0\0vc/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\222\33\0\0tty4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\223\33\0\0tty5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\224\33\0\0tty6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\225\33\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\333\33\0\0:0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0a\34\0\0pts/0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0@R\0\0pts/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\t\34\0\0tty1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\263T\0\0pts/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\17R\0\0pts/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\5W\0\0pts/4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\246^\0\0pts/5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

fcntl64(3, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0

alarm(0)                                = 1

rt_sigaction(SIGALRM, {SIG_DFL}, NULL, 8) = 0

close(3)                                = 0

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

readlink("/proc/self/fd/0", 0x8054930, 4095) = -1 EACCES (Permission denied)

fstat64(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

open("/dev/pts", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3

fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

getdents64(3, /* 8 entries */, 1024)    = 192

stat64("/dev/pts/5", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

close(3)                                = 0

access("/var/run/utmpx", F_OK)          = -1 ENOENT (No such file or directory)

open("/var/run/utmp", O_RDWR)           = -1 EACCES (Permission denied)

open("/var/run/utmp", O_RDONLY)         = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_SET)            = 0

alarm(0)                                = 0

rt_sigaction(SIGALRM, {0x40150890, [], 0}, {SIG_DFL}, 8) = 0

alarm(1)                                = 0

fcntl64(3, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0

read(3, "\10\0\0\0\352\24\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\271\30\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\t\34\0\0vc/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\220\33\0\0vc/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\221\33\0\0vc/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\222\33\0\0tty4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\223\33\0\0tty5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\224\33\0\0tty6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\225\33\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\333\33\0\0:0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0a\34\0\0pts/0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0@R\0\0pts/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\t\34\0\0tty1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\263T\0\0pts/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\17R\0\0pts/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\5W\0\0pts/4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\246^\0\0pts/5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

fcntl64(3, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0

alarm(0)                                = 1

rt_sigaction(SIGALRM, {SIG_DFL}, NULL, 8) = 0

close(3)                                = 0

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

readlink("/proc/self/fd/0", 0x8054930, 4095) = -1 EACCES (Permission denied)

fstat64(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

open("/dev/pts", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3

fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

getdents64(3, /* 8 entries */, 1024)    = 192

stat64("/dev/pts/5", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

close(3)                                = 0

access("/var/run/utmpx", F_OK)          = -1 ENOENT (No such file or directory)

open("/var/run/utmp", O_RDWR)           = -1 EACCES (Permission denied)

open("/var/run/utmp", O_RDONLY)         = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_SET)            = 0

alarm(0)                                = 0

rt_sigaction(SIGALRM, {0x40150890, [], 0}, {SIG_DFL}, 8) = 0

alarm(1)                                = 0

fcntl64(3, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0

read(3, "\10\0\0\0\352\24\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\271\30\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\t\34\0\0vc/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\220\33\0\0vc/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\221\33\0\0vc/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\222\33\0\0tty4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\223\33\0\0tty5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\224\33\0\0tty6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\225\33\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\333\33\0\0:0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0a\34\0\0pts/0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0@R\0\0pts/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\t\34\0\0tty1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\263T\0\0pts/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\17R\0\0pts/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\5W\0\0pts/4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\246^\0\0pts/5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

fcntl64(3, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0

alarm(0)                                = 1

rt_sigaction(SIGALRM, {SIG_DFL}, NULL, 8) = 0

close(3)                                = 0

ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0

readlink("/proc/self/fd/0", 0x8054930, 4095) = -1 EACCES (Permission denied)

fstat64(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

open("/dev/pts", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3

fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

getdents64(3, /* 8 entries */, 1024)    = 192

stat64("/dev/pts/5", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0

close(3)                                = 0

access("/var/run/utmpx", F_OK)          = -1 ENOENT (No such file or directory)

open("/var/run/utmp", O_RDWR)           = -1 EACCES (Permission denied)

open("/var/run/utmp", O_RDONLY)         = 3

fcntl64(3, F_GETFD)                     = 0

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

_llseek(3, 0, [0], SEEK_SET)            = 0

alarm(0)                                = 0

rt_sigaction(SIGALRM, {0x40150890, [], 0}, {SIG_DFL}, 8) = 0

alarm(1)                                = 0

fcntl64(3, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0

read(3, "\10\0\0\0\352\24\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\271\30\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\t\34\0\0vc/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\220\33\0\0vc/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\221\33\0\0vc/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\222\33\0\0tty4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\223\33\0\0tty5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\224\33\0\0tty6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\10\0\0\0\225\33\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\333\33\0\0:0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0a\34\0\0pts/0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0@R\0\0pts/1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\6\0\0\0\t\34\0\0tty1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\263T\0\0pts/2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\17R\0\0pts/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\5W\0\0pts/4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

read(3, "\7\0\0\0\246^\0\0pts/5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384

fcntl64(3, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0

alarm(0)                                = 1

rt_sigaction(SIGALRM, {SIG_DFL}, NULL, 8) = 0

close(3)                                = 0

time([1100639821])                      = 1100639821

open("/etc/localtime", O_RDONLY)        = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=837, ...}) = 0

old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x403c1000

read(3, "TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10\0\0\0\10"..., 4096) = 837

close(3)                                = 0

munmap(0x403c1000, 4096)                = 0

getpid()                                = 24235

rt_sigaction(SIGPIPE, {0x4011fef0, [], 0}, {SIG_DFL}, 8) = 0

socket(PF_UNIX, SOCK_DGRAM, 0)          = 3

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

connect(3, {sa_family=AF_UNIX, path="/dev/log"}, 16) = -1 EPROTOTYPE (Protocol wrong type for socket)

close(3)                                = 0

socket(PF_UNIX, SOCK_STREAM, 0)         = 3

fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0

connect(3, {sa_family=AF_UNIX, path="/dev/log"}, 16) = 0

send(3, "<37>Nov 16 22:17:01 su(pam_unix)"..., 138, 0) = 138

rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0

close(3)                                = 0

select(0, NULL, NULL, NULL, {2, 347378}
```

----------

## 76062563

Es ist mir unglaublich peinlich!   :Embarassed: 

Ich habe das Problem gefunden:

keine Ahnung warum, aber in der /etc/passwd stand

```
root:x:0:0:root:/root:bash
```

statt

```
root:x:0:0:root:/root:/bin/bash
```

Es ist mir wirklich schleierhaft wie das passieren konnte, ich hab garantiert nicht in der /etc/passwd rumgepfuscht, ich weiss dass die Standardausrede immer "Ich hab nix gemacht" ist...

Ob ihrs glaubt oder nicht, in meinem Fall war es tatsächlich so.

Gruß,

Jonny

----------

