| From: | david(dot)lao(at)sharpasia(dot)com(dot)mo |
|---|---|
| To: | Michael Fuhr <mike(at)fuhr(dot)org>, david(dot)lao(at)sharpasia(dot)com(dot)mo |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: real and effective user ids must match |
| Date: | 2006-09-15 04:49:35 |
| Message-ID: | 3865.202.175.123.162.1158295775.mailsage.folio@sharpasia.com.mo |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
>Do you have sudo? If so then what does "sudo -u postgres id" show?
>If uid and euid are the same (both postgres) then you might be able
>to start the postmaster with sudo instead of su.
"sudo -u postgres id" show
uid=0(root) gid=26 euid=26(postgres) groups=26
>What do you mean by "the hacker"? Do you know or suspect that
>you've been hacked? If so then I'd recommend that you reinstall
>your system from trustworthy media, make sure you have current
>security patches, and close any configuration holes that might have
>let an intruder in.
Yes, I have been hacked, because I found a new unknown a/c in my system. and in log file get this message:
Sep 3 22:55:00 TWeb su(pam_unix)[24299]: session opened for user root by (uid=0)
Sep 3 22:55:17 TWeb su(pam_unix)[24299]: session closed for user root
David
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Frost | 2006-09-15 05:24:29 | Re: real and effective user ids must match |
| Previous Message | Michael Fuhr | 2006-09-15 04:31:23 | Re: real and effective user ids must match |