root pass changed, did i get hacked?

[dknzubzero]

hey.

about 20 min ago i emerged a couple of things using the root user, it worked perfecly.

now just a few mins ago i wanted to log in again (by ssh as i always do)

but my password was wrong, i checked speeling, caps etc etc. didn't help.

tryed locally on the server (its right next to me) and i couldn't log in there either...

ctrl+alt+f1 .. i had left a root consol open.. passwd and now the root user works again.. but..

as i thought a friend (who have my root pass since he's the one i turn too when having linux problems) was playing i joke on me i though that i would make a backup root (admin) so that i could use that for his next joke... i use "Kuse" to add it.. marks all the groups and hit the ok button... and then an error comes up

[hds]

it is not enough to be in all groups. you have to be the one and only user called "root" for some things.

have a look at the filepermissions of /etc/gshadow - to talke your example. they are 400 root:root, so only the user root can modify this file.
same goes for emerge. actually it is just a sript - view it! it checks if the user root is running it.

[dknzubzero]

i'm logged in as root when using Kusers .. so i should have access to it... ?

[hds]

[dknzubzero]

thats why i was thinking hacker instead of joke... since my friends wouldn't destroy something in my system.. also they (the two who knows the password) where not even home last night..

I've used Kuser before.. (its the KDE user admin program)..

the system is stable and from what i've checked so far i've lost no data... so i'm just gonna find a new password and see whats happends... also i've scanned with a few rootkit-scanners. all came out cleane...

but thx for the help.. i learned something new (being in root-group doesn't make you all that cool )

[Paulten]

why don't you just check the logs?
"last" is usefull for this
_________________
Homepage : http://paul.kde.no Jabber ID : tenfjord@jabber.org
"Dei levde som dyr. Dei verken røykte eller drakk" -Ukjent