suspicious: after reboot I get a request: Authentication required to run /bin/sh as the superuser
robert rottermann
robert at redcor.ch
Fri Apr 29 07:58:58 UTC 2022
Thanks Mitchel
On 28.04.22 20:09, Tom Mitchell wrote:
> On Thu, Apr 28, 2022 at 12:19 AM robert rottermann<robert at redcor.ch> wrote:
>> for some times now, I get a request to authenticate as "super user" each time I
>> login:
>>
>> Authentication required to run /bin/sh as the superuser
> You can switch between different TTYs by using CTRL+ALT+Fn keys
> Get a simple terminal window and login as root and see if that
> replicates the issue without the window system.
>
> As root in both cases check "id" and "id -Z"
robert at chrissy:~$ id -Z
id: --context (-Z) works only on an SELinux-enabled kernel
so I installed SELinux (and hope I did not open an other can of worms)..
these are the files I have in /etc/profile.d
I sourced them all. No complaints by SELinux
rwxr-xr-x. 182 root root 12288 Apr 29 07:55 ../
-rw-r--r--. 1 root root 96 Aug 20 2018 01-locale-fix.sh
-rw-r--r--. 1 root root 835 Sep 9 2021 apps-bin-path.sh
-rw-r--r--. 1 root root 726 Sep 2 2020 bash_completion.sh
-rw-r--r--. 1 root root 1003 Dez 29 2015 cedilla-portuguese.sh
-rw-------. 1 root root 677 Apr 28 09:59 debuginfod.csh
-rw-------. 1 root root 692 Apr 28 09:59 debuginfod.sh
-rw-r--r--. 1 root root 831 Okt 13 2021 flatpak.sh
-rw-r--r--. 1 root root 1107 Mär 23 14:53 gawk.csh
-rw-r--r--. 1 root root 757 Mär 23 14:53 gawk.sh
-rw-r--r--. 1 root root 1012 Mär 22 13:45 gnome-session_gnomerc.sh
-rw-r--r--. 1 root root 376 Nov 16 11:05 im-config_wayland.sh
-rw-r--r--. 1 root root 999 Feb 12 2019 libvirt-uri.sh
-rw-r--r--. 1 root root 1908 Mär 28 14:37 vte-2.91.sh
-rw-r--r--. 1 root root 967 Jun 27 2021 vte.csh
-rw-r--r--. 1 root root 954 Mai 2 2018 xdg_dirs_desktop_session.sh
I
The following "errors" where reported:
vte.csh :
source vte.csh
bash: vte.csh: line 19: syntax error near unexpected token `!'
bash: vte.csh: line 19: `if ( ! $?prompt | ! $?tcsh | ! $?TERM | !
$?VTE_VERSION ) exit
gawk.csh:
produces a number of errors
debuginfod.csh
bash: debuginfod.csh: line 18: syntax error: unexpected end of file
Check log files in /var/log and below.
does the following give you any clue (I looked for /bin/sh in /etc/log)?
auth.log
237:Apr 24 17:06:32 chrissy pkexec[9298]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmp2uityfxd]
601:Apr 26 11:53:20 chrissy polkitd(authority=local): Operator of unix-session:2
successfully authenticated as unix-user:robert to gain ONE-SHOT authorization
for action com.ubuntu.release-upgrader.release-upgrade for
unix-process:140381:15405028 [/bin/sh -c /usr/bin/do-release-upgrade
--frontend=DistUpgradeViewGtk3] (owned by unix-user:robert)
615:Apr 26 11:59:23 chrissy polkitd(authority=local): Operator of unix-session:2
successfully authenticated as unix-user:robert to gain ONE-SHOT authorization
for action com.ubuntu.release-upgrader.release-upgrade for
unix-process:151494:15441833 [/bin/sh -c /usr/bin/do-release-upgrade
--frontend=DistUpgradeViewGtk3] (owned by unix-user:robert)
621:Apr 26 12:02:44 chrissy polkitd(authority=local): Operator of unix-session:2
successfully authenticated as unix-user:robert to gain ONE-SHOT authorization
for action com.ubuntu.release-upgrader.release-upgrade for
unix-process:160793:15462153 [/bin/sh -c /usr/bin/do-release-upgrade
--frontend=DistUpgradeViewGtk3] (owned by unix-user:robert)
753:Apr 26 15:44:31 chrissy pkexec[13900]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmpd95det1p]
801:Apr 26 16:12:22 chrissy pkexec[10331]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmpflfgsqeo]
829:Apr 26 16:23:30 chrissy pkexec[15174]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmp3ukaca6w]
1000:Apr 27 08:06:36 chrissy pkexec[60428]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/]
[COMMAND=/bin/sh /tmp/tmpmdjgi7zg]
1193:Apr 27 14:16:04 chrissy pkexec[10726]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmpfx6ibmpr]
1237:Apr 27 15:30:19 chrissy polkitd(authority=local): Operator of
unix-session:2 successfully authenticated as unix-user:robert to gain TEMPORARY
authorization for action org.fortinet.fortitray.quit for
unix-process:32122:450121 [/bin/sh -c cd "/home/robert/projects/odoo15/odoo15";
"/usr/bin/pkexec" --disable-internal-agent /bin/bash -c "echo SUDOPROMPT;
\"/snap/code/94/usr/share/code/bin/code\" --file-write
\"/home/robert/.config/Code/code-elevated-SvZlXTB7\"
\"/etc/postgresql/13/main/start.conf\""] (owned by unix-user:robert)
1240:Apr 27 15:30:55 chrissy polkitd(authority=local): Operator of
unix-session:2 successfully authenticated as unix-user:robert to gain TEMPORARY
authorization for action org.fortinet.fortitray.quit for
unix-process:32234:453713 [/bin/sh -c cd "/home/robert/projects/odoo15/odoo15";
"/usr/bin/pkexec" --disable-internal-agent /bin/bash -c "echo SUDOPROMPT;
\"/snap/code/94/usr/share/code/bin/code\" --file-write
\"/home/robert/.config/Code/code-elevated-UxEVjQee\"
\"/etc/postgresql/14/main/start.conf\""] (owned by unix-user:robert)
1246:Apr 27 15:37:53 chrissy polkitd(authority=local): Operator of
unix-session:2 successfully authenticated as unix-user:robert to gain TEMPORARY
authorization for action org.fortinet.fortitray.quit for
unix-process:32770:495497 [/bin/sh -c cd "/home/robert/projects/odoo15/odoo15";
"/usr/bin/pkexec" --disable-internal-agent /bin/bash -c "echo SUDOPROMPT;
\"/snap/code/94/usr/share/code/bin/code\" --file-write
\"/home/robert/.config/Code/code-elevated-y4mww7It\"
\"/etc/postgresql/13/main/postgresql.conf\""] (owned by unix-user:robert)
1313:Apr 27 17:12:06 chrissy pkexec[10774]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmpzwsmwq_w]
1502:Apr 28 08:55:33 chrissy pkexec[68432]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmpsba7xg8g]
1503:Apr 28 09:02:18 chrissy polkitd(authority=local): Operator of
unix-session:53 successfully authenticated as unix-user:robert to gain ONE-SHOT
authorization for action com.ubuntu.release-upgrader.release-upgrade for
unix-process:68537:5663596 [/bin/sh -c /usr/bin/do-release-upgrade
--frontend=DistUpgradeViewGtk3] (owned by unix-user:robert)
1631:Apr 28 10:15:27 chrissy pkexec[12009]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmp8rsg1m91]
2003:Apr 29 07:37:03 chrissy pkexec[8407]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmp2_opbejc]
2046:Apr 29 07:40:23 chrissy pkexec[8459]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmpc_njb707]
2106:Apr 29 09:02:01 chrissy pkexec[10046]: robert: Error executing command as
another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/robert]
[COMMAND=/bin/sh /tmp/tmpvunm93af]
thanks for your support
robert
> Check /etc/profile.d/ you can source many of these files with a spare account
> If the system has SeLinux installed, relabel or check the labels of the system.
> Make sure /etc/passwd has what you expect for shell and the home dir.
>
> With a spare shell source all the profile and startup scripts.
> SeLinux in permissive mode can log a lot of clues.
>
> It is not silly to reinstall key packages one or two at a time. dnf is
> rather good at managing and cleaning things up.
>
> Check alternatives.
More information about the ubuntu-users
mailing list