From SSH can't su -

[jlamb85]

I am unable to su from general user to root. I am sure it is a setting somewhere but have not found it. If you know where it is please advise. Thanks

[fcaviggia]

Yep. Part of the the guide - you need to be a member of the wheel group - sudo is prefered.

[jlamb85]

Added user to wheel group and now getting the following

sudo: effective uid is not 0, is sudo installed setuid root?

my /usr/bin/sudo has the following permissions

---s--x--x. 1 root root 123832 Oct 7 2013 /usr/bin/sudo

[necrolyte2]

Adding the user to the wheel group only allows you to use the su command

In order to use sudoers with all users in the wheel group uncomment the following line in /etc/sudoers

# %wheel ALL=(ALL) ALL

[lmeinecke]

http://www.stigviewer.com/stig/red_hat_enterprise_linux_5/2014-07-07/finding/V-22308?

This is for RHEL5 but it applies to RHEL6. This is what is driving the requirement and where it is applied in pam.d

[jlamb85]

I would rather use sudo but I get the an error

sudo: effective uid is not 0, is sudo installed setuid root?

[jlamb85]

This line is uncommented %wheel ALL=(ALL) ALL

[necrolyte2]

Can you also verify that the sudo executable that is in your path is /usr/bin/sudo

which sudo ls -l $(which sudo)

The permissions look correct on /usr/bin/sudo and should work fine

[necrolyte2]

Looks like most likely this is the cause https://github.com/fcaviggia/hardening-script-el6/blob/89a9508827ff3aeecf7472d865920048a56a87f2/scripts/gen002420.sh#L37

The /usr mount point may have nosuid

[jlamb85]

which sudo = /usr/bin/sudo from the user not root

[necrolyte2]

Is /usr mounted with nosuid?

cat /proc/mounts | grep '/usr'

[jlamb85]

Yes /usr had nosuid Thanks all