Solaris 8 compat mode (FIXED)
RB512C at motorola.com
Tue Aug 26 16:17:09 EDT 2003
Finally got back around to looking at this problem. Thought I would post this response since I have still not see a solution posted.
With help from Darren Dunham who pointed me to the fact that solaris 8 now puts an x in the password field of the /etc/shadow file.
When the system is set up in compat mode (/etc/nsswitch.conf), sudo is still using the shadow file to match the password of the + users (+userid in /etc/passwd) instead of NIS.
The solution for the moment is to take the x out of the shadow file and everything performs as it did in Solaris 2.6. But I it would seem that the sudo gods need to take a look at this and come up with a better solution for dealing with it.
(I did test to make sure that a null password does not work when using sudo or otherwise with a blank password field in /etc/shadow)
Thanks Again Darren!!!!!
> From: Greene Jason-RB512C <RB512C at motorola.com>
> Subject: Solairs 8 compat mode
> Hello All,
> I am having an issue using sudo in (NIS) compat mode on solaris 8.
> I currently have several solaris 2.6 machines in this configuration that work. The passwd file has entries for the users I want to allow on the machine.
> passwd: compat
> group: compat
> Sudo works perfect on solaris 2.6 with this setup. But on solaris 8, sudo will never accept the valid password. If I change /etc/nsswitch.conf back to "passwd: files nis" then sudo works fine, but I do not get the restricted login I am looking for.
> I'm I way off here? Should I be looking into pam modules now? I cannot seem to find this problem searching the web.
> Thanks in advance,
> Jason Greene (rb512c)
More information about the sudo-users