I have a fresh install of Rocky 9 DVD as a “Workstation with GUI”, I have selected the CIS RHEL 9 Workstation Level 1 Benchmark security profile, and I have SELinux in enforcing mode. I am running into a problem where a non-privileged user is unable to execute an “su” to become root or another user, even with a correct password. When an “su” is executed, an error message is returned as:
```
su
Password:
su: Permission denied
```
I have never encountered this situation before and I cannot find any information in the log files to indicate the source of the problem. When I execute (as user1)
```
su user2
```
the /var/log/messages file shows this entry:
```
Jul 13 13:21:12 user1 su[54604]: FAILED SU (to user2) user1 on pts/1
```
I see no entries in /var/log/secure to indicate a password failure. There is an entry in /var/log/audit/audit.log as:
```
type=USER_AUTH msg=audit(1689269269.922:621): pid=55167 uid=1000 auid=1000 ses=15 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=? acct="user2" exe="/usr/bin/su" hostname=? addr=? terminal=/dev/pts/1 res=failed'UID="user1" AUID="user2"
```
Truthfully I have no idea as to how to interpret this to get a clue as to the reason for the failure. I have tried disabling SELinux enforcement but that did not resolve the issue. I have verified that the passwords are correct by logging in to the accounts via ssh with no issues. If I make the non-privileged user a member of the wheel group I can sudo or su but I do not wish to do this. Any suggestions as to what may be wrong would be appreciated!
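
To read the audit record quoted above field by field, the following Python script (an added example, not part of the original post) separates the outer audit fields from the PAM fields nested inside `msg='...'`. The function names `fields` and `parse_audit` are illustrative; the record is the one from the post.

```python
import re
from datetime import datetime, timezone

# The USER_AUTH record quoted in the post, forum emphasis markers removed.
RECORD = (
    "type=USER_AUTH msg=audit(1689269269.922:621): pid=55167 uid=1000 auid=1000 "
    "ses=15 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 "
    '''msg='op=PAM:authentication grantors=? acct="user2" exe="/usr/bin/su" '''
    '''hostname=? addr=? terminal=/dev/pts/1 res=failed'UID="user1" AUID="user2"'''
)

HEADER = re.compile(r"type=(\S+) msg=audit\((\d+)\.\d+:(\d+)\): (.*)", re.S)
PAIR = re.compile(r"""(\w+)=("[^"]*"|'[^']*'|\S+)""")


def fields(text):
    """Split k=v pairs into a dict, removing one layer of surrounding quotes."""
    out = {}
    for key, val in PAIR.findall(text):
        if len(val) > 1 and val[0] in "\"'" and val[-1] == val[0]:
            val = val[1:-1]
        out[key] = val
    return out


def parse_audit(line):
    m = HEADER.match(line.strip())
    if m is None:
        raise ValueError("not an audit record")
    rtype, sec, serial, body = m.groups()
    outer = fields(body)
    pam = fields(outer.pop("msg", ""))  # PAM's own key=value list sits inside msg='...'
    grantors = pam.get("grantors", "?")
    return {
        "type": rtype,
        "time_utc": datetime.fromtimestamp(int(sec), timezone.utc).isoformat(),
        "serial": int(serial),
        "pid": int(outer["pid"]),
        "caller_uid": int(outer["uid"]),
        "stage": pam.get("op"),
        "target": pam.get("acct"),
        # grantors names the PAM modules that returned success; "?" means none recorded
        "grantors": [] if grantors == "?" else grantors.split(","),
        "result": pam.get("res"),
    }


if __name__ == "__main__":
    for name, value in parse_audit(RECORD).items():
        print(f"{name:11} {value}")
```

The record says the failure was reported from the PAM authentication stage of `/usr/bin/su` with no granting module recorded; it does not name the module that refused the request. Its pid (55167) differs from the one in the `/var/log/messages` line (54604), so the two entries come from different `su` attempts.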