Login Problems with Non-Root Users in AIX


Contents

About this document
    Related documentation
Symptoms
Steps to check problem files and directories

About this document

This document describes login and permissions problems for non-root users and how they can be solved by checking permissions, owner, and group for specific directories and files.

This document is applicable to AIX Versions 3.x and 4.x.

Related documentation

The product documentation library is also available:
http://www.rs6000.ibm.com/resource/aix_resource/Pubs/index.html


Symptoms

These symptoms are caused by the user not being able to execute the login shell (ksh, csh, or bsh, depending upon which is being used) or by a permissions problem in the home directory path.


Steps to check problem files and directories

The following steps show how to check the files and directories that may have a problem with permissions, owner, or group.

If there is a problem with any of the files or directories, use chmod, chown, or chgrp to change the permissions, ownership, or group.

If a symbolic link is missing, use the ln command to recreate it.

For example, to create /bin linked to /usr/bin, run the following command:

   ln -s /usr/bin /bin 

Steps

  1. Log in as root.
     
  2. If users other than root see the message system unavailable when they attempt to login, continue with this step. Otherwise, skip to the next step.

    Check for the /etc/nologin file with

       ls -l /etc/nologin 
    

    If the file /etc/nologin exists, delete it with

       rm /etc/nologin 
    

    For AIX 4.x enter:

       cd / 
       ls -al 
    

    Example output:

    drwxr-xr-x  19 bin   bin      1024 Dec 12 21:14 . 
    drwxr-xr-x  19 bin   bin      1024 Dec 12 21:14 .. 
    lrwxrwxrwx   1 bin   bin         8 Nov 22 09:37 bin -> /usr/bin 
    drwxrwxr-x   4 root  system   2048 Dec 12 21:12 dev 
    drwxr-xr-x  12 root  system   2048 Dec 12 21:11 etc 
    drwxr-xr-x   5 bin   bin       512 Nov 22 14:51 home 
    lrwxrwxrwx   1 bin   bin         8 Nov 22 09:37 lib -> /usr/lib 
    drwxr-xr-x  20 bin   bin       512 Nov 22 13:33 lpp 
    drwxr-xr-x   3 bin   bin       512 Nov 22 09:37 sbin 
    lrwxrwxrwx   1 bin   bin         5 Nov 22 09:37 u -> /home 
    drwxr-xr-x  20 bin   bin       512 Nov 22 14:24 usr 
    drwxr-xr-x  12 bin   bin       512 Nov 22 12:59 var 
    
  3. Enter:
       ls -ld /usr/bin /usr/lib /tmp 
    

    Example output:

       drwxr-xr-x   3 bin   bin     10752 Nov 22 12:53 /usr/bin 
       drwxr-xr-x  28 bin   bin      4096 Dec 15 17:08 /usr/lib/ 
       drwxrwxrwt   8 bin   bin      2560 Jan 22 14:46 /tmp/ 
    
  4. Enter:
       ls -l /usr/bin/csh /usr/bin/ksh /usr/bin/bsh 
    

    Example output:

       -r-xr-xr-x   2 bin   bin    341020 Nov 22 09:37 /usr/bin/bsh 
       -r-xr-xr-x   1 bin   bin    154412 Nov 22 09:37 /usr/bin/csh 
       -r-xr-xr-x   4 bin   bin    230148 Nov 22 09:37 /usr/bin/ksh 
    

    Determine the user's home directory. In these steps, we will refer to the user's ID and directory as "user_one".
     

  5. Enter:

    ls -ld u/user_one     (use path of user's directory)

    Example output:

       -drwxr-xr-x  9 user_one system   7680 Dec 24 15:00 /u/user_one 
    

    The directory should be owned by the user and the user should have rwx permissions.
     

  6. Enter:
       cd /u/user_one 
       ls -al | pg 
    

    Example output:

       drwxr-xr-x   9 user_one system   7680 Dec 24 15:00 . 
       drwxr-xr-x  71 bin      bin      1536 Dec 14 09:37 .. 
    

    The owner of the "." directory should be the user. The permissions on the ".." directory should be at least r-x for group and r-x for other.
     

  7. If the user still has permission denied problems but not login problems, the cause could be file system mount point permissions.

    In order to check the permissions on the mount point, the file system must first be unmounted. Some file systems' mount points can only be checked from service mode after booting from boot media.

    The permissions of the underlying mount point should be at least d--x--x--x, but full permissions (drwxrwxrwx) are recommended. The permission setting of the mounted file system can be used to restrict access.




[ Doc Ref: 90605225214682     Publish Date: Oct. 02, 2000     4FAX Ref: 4509 ]