sudo with PAM - pam_setcred: Permission denied
Todd C. Miller
Todd.Miller at courtesan.com
Sat Jan 19 19:32:19 EST 2002
The problem is that in Linux PAM 0.75 even though the setcred
function succeeds, the return value in this case is still
PAM_PERM_DENIED. This is because _pam_dispatch_aux() uses a cached
return value which is not going to be set unless pam_authenticate()
is used. Since sudo doesn't ask for a password every time that
doesn't work too well (and at the moment pam_setcred is done with
a different session as the authentication anyway).
The simplest (and just about only) solutino is to just ignore the
return value of pam_setcred().
More information about the sudo-users