I upgraded from Fedora 27 to 28 and I am no longer able to run sudo or su from command line, I was able to do so before upgrade, verified that my user is still part of wheel group, have tried googling for it a while but havent found any solution to this problem, any troubleshooting advice is highly appreciated
odd thing is , I cant even su to the same user with which I have logged in !,
[girish@girish ~]$ su - girish
su: Authentication failure
The only possibility I can think of is that, the user you are trying to login to, has set disabled (1) somewhere in update process!
You may want to set a (new) password for it.
For instanc $ passwd root will ask you for a new password for the root user.
If it went the expected way (i.e. you could login to root user by the new password you just set) then there shouldn’t be any problem for the rest…
(1): same as the sate of root user in later versions of Fedora
Open another terminal window and run journalctl -f in there. Then attempt su to your own user again and watch what gets written in the other terminal. The journalctl output should give you more insight on what might be wrong. You can hit Ctrl-C to stop the journalctl output.
I have a problem that is tantilizing similar. I have been on Fedora 29 since late last year. Whenever I needed to use root commands i used su -l and typed my password followed by the ENTER key with no problems but today when I needed to run dnf I keep getting authentication failures. Now nothing has changed on my machine except for deinstalling & reinstalling printerthe option to install pending updates at boot up has not appeared since 29 was installed.
However in the last week I mostly completed the records for my FAS logon except for secure shell. This prompts me to ask whether a change in my FAS record on the server may result in corresponding changes on my clien such as switching su to use secure shell?
Well, this has been marked as a solution, but it really is not. The upgrade to Fedora 29 did something which enabled the sudo command again, but the error was somewhere else. I have been thinking about:
typing password with a different keyboard layout
some SElinux problem - could be worth trying with setenforce 0
incorrect rights to /etc/passwd or /etc/shadow
incorrectly placing the user into the wheel group
previously modifying the /etc/sudoers without using visudo
Anyway, you were lucky that the update fixed your situation. Enjoy Fedora.
The FAS process has probably nothing in common with your situation. The su -l command uses the root password to open a root console to run commands. This is not the same with the sudo command that only grants root privilege to a normal user.
Can you log into your system as a regular user normally? Can you use the sudo command to administer your computer? If yes, maybe the root password has been corrupted or disabled.
Switch to the root console using sudo -i . Does it work?
If so, change (or (re)create) the root password using passwd.
On my system after the install of Fedora 29 no downloaded updates have been applied since the install pending updates check box in the boot menu has not appeared. The only softare changes had to do with deinstall/reinstall of a package of EPSON printer drivers that came in a separate .rpm. This was a couple of weeks ago and then su -l allowed me to switch to root to run dnf.
In the last few days I mostly completed my FAS record with the one exception being that I did not specify secure shell. I speculate that FAS may change some settings on my client to match updates to FAS and may replace su -l with a secure shell operation.
Are you using some automated process that logs you into FAS using credentials from your computer? I believe that setting up FAS (at least the Fedora Accounts System account) is a completely independent process. Or do you mean some other FAS?
Have you tried recreating the root password and did it help? Can you use sudo to run commands?
II am not using any automated process as far as I know but would not be overly surprised to find such connections…
On my system only one thing has changed from a week ago when su -l worked to allow me to run dnf. That is the completion of my FAS record with the exception of secure shell. Because of a bug preventing install of pending updates the only install/deinstalls done were for EPSON printer support which came in their own rpm file.
When su -l does not work, it can point to some problems with the root password. The original post stated that sudo did not work either. I have asked, whether you have tried using sudo and if it worked. Can you please make sure?
Can you run sudo dnf update and does that do anything?