Re: sudo not available after configuring ipmi serial over lan

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: sudo not available after configuring ipmi serial over lan

Eugene Grosbein-10
08.11.2018 5:56, Jordan Caraballo wrote:

> Hi guys,
>
> After configuring ipmi serial over lan console, I am not being able to
> execute any command related to sudo; not even "sudo su -". I am using ttyu0
> and COM1 on a Dell R530. Everything regarding receiving output and typing
> at the serial console is fine; the only command not working is sudo.
>
> Any ideas? Below are the configurations.
>
> /etc/ttys
>
> # Serial terminals
> # The 'dialup' keyword identifies dialin lines to login, fingerd etc.
> #ttyu0  "/usr/libexec/getty 3wire"      vt100   onifconsole secure
> ttyu0   "/usr/libexec/getty std.115200" vt100   on          secure

Use network access to perform the following:

1) Change "on" to "off" for ttyu0 then run "init q" to apply changes.
2) Replace "ttyu0" with "cuau0" within same line then run "init q" again.

Then retry using console and sudo.

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: sudo not available after configuring ipmi serial over lan

Ronald Klop
On Wed, 07 Nov 2018 23:56:26 +0100, Jordan Caraballo  
<[hidden email]> wrote:

> Hi guys,
>
> After configuring ipmi serial over lan console, I am not being able to
> execute any command related to sudo; not even "sudo su -". I am using  
> ttyu0
> and COM1 on a Dell R530. Everything regarding receiving output and typing
> at the serial console is fine; the only command not working is sudo.


What do you mean by 'not working'? Is there an error message? Does it  
hang? Do you get logged out?

Regards,
Ronald.


>
> Any ideas? Below are the configurations.
>
> /etc/ttys
>
> # Serial terminals
> # The 'dialup' keyword identifies dialin lines to login, fingerd etc.
> #ttyu0  "/usr/libexec/getty 3wire"      vt100   onifconsole secure
> ttyu0   "/usr/libexec/getty std.115200" vt100   on          secure
> ttyu1   "/usr/libexec/getty 3wire"      vt100   onifconsole secure
> ttyu2   "/usr/libexec/getty 3wire"      vt100   onifconsole secure
> ttyu3   "/usr/libexec/getty 3wire"      vt100   onifconsole secure
> # Dumb console
> dcons   "/usr/libexec/getty std.9600"   vt100   off secure
>
> /boot/loader.conf
>
> # ipmi enabled
> ipmi_load="YES"
> # ipmi configurations
> boot_multicons="YES"
> boot_serial="YES"
> # serial configurations for COM1
> console="comconsole,vidconsole"
> comconsole_speed="115200"
> comconsole_port="0x3F8"
> hint.uart.0.flags="0x00"
> hint.uart.2.flags="0x10"
>
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: sudo not available after configuring ipmi serial over lan

Jordan Caraballo
It hangs. No output at all. Latest testing showed that if I do:

# sudo su -

And hit Ctrl-C two times I get the password prompt, however, when I enter
the password it ignores it ( no error message).

/var/log/auth.log just records that the user executes the “su -“ command.
Just to be clear, when using normal console or kvm, this works fine.

On Thu, Nov 8, 2018 at 7:27 AM Ronald Klop <[hidden email]> wrote:

> On Wed, 07 Nov 2018 23:56:26 +0100, Jordan Caraballo
> <[hidden email]> wrote:
>
> > Hi guys,
> >
> > After configuring ipmi serial over lan console, I am not being able to
> > execute any command related to sudo; not even "sudo su -". I am using
> > ttyu0
> > and COM1 on a Dell R530. Everything regarding receiving output and typing
> > at the serial console is fine; the only command not working is sudo.
>
>
> What do you mean by 'not working'? Is there an error message? Does it
> hang? Do you get logged out?
>
> Regards,
> Ronald.
>
>
> >
> > Any ideas? Below are the configurations.
> >
> > /etc/ttys
> >
> > # Serial terminals
> > # The 'dialup' keyword identifies dialin lines to login, fingerd etc.
> > #ttyu0  "/usr/libexec/getty 3wire"      vt100   onifconsole secure
> > ttyu0   "/usr/libexec/getty std.115200" vt100   on          secure
> > ttyu1   "/usr/libexec/getty 3wire"      vt100   onifconsole secure
> > ttyu2   "/usr/libexec/getty 3wire"      vt100   onifconsole secure
> > ttyu3   "/usr/libexec/getty 3wire"      vt100   onifconsole secure
> > # Dumb console
> > dcons   "/usr/libexec/getty std.9600"   vt100   off secure
> >
> > /boot/loader.conf
> >
> > # ipmi enabled
> > ipmi_load="YES"
> > # ipmi configurations
> > boot_multicons="YES"
> > boot_serial="YES"
> > # serial configurations for COM1
> > console="comconsole,vidconsole"
> > comconsole_speed="115200"
> > comconsole_port="0x3F8"
> > hint.uart.0.flags="0x00"
> > hint.uart.2.flags="0x10"
> >
>
--
Jordan
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: sudo not available after configuring ipmi serial over lan

Robert Schulze-2
In reply to this post by Eugene Grosbein-10
Hi,

Am 07.11.18 um 23:56 schrieb Jordan Caraballo:
> Hi guys,
>
> After configuring ipmi serial over lan console, I am not being able to
> execute any command related to sudo; not even "sudo su -". I am using ttyu0
> and COM1 on a Dell R530. Everything regarding receiving output and typing
> at the serial console is fine; the only command not working is sudo.
>

try looking into a manpage of your choice, does this work?
We had similar problems here with IPMI/SOL, these could be fixed by
using a 3wire getty instead of std:

ttyu0   "/usr/libexec/getty 3wire.115200" vt100   on          secure

with kind regards,
Robert Schulze
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: sudo not available after configuring ipmi serial over lan

Eugene Grosbein-10
In reply to this post by Eugene Grosbein-10
09.11.2018 3:26, Eric Borisch wrote:

> What I find interesting is that with the 'wrong' setting, you can log still
> in just fine, and run most commands, but 'sudo' alone fails as described
> above. (I've had the same experience on Serial-over-IPMI, but 'su' worked
> fine so I never dug into it.)
>
> It's an easy fix, but I'm still (academically) interested in what it is
> that sudo is doing that is unique.

It calls syslog() function with parameters that (for default /etc/ttys and /etc/syslog.conf)
makes an attempt to write to the console that blocks.

You can easily verify this using "ktrace -i sudo ..." and "kdump" after.

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[hidden email]"