[sudo-users] sudo 1.6.8p9 error

Bob Hall shaezyra at yahoo.com
Thu Dec 1 13:47:28 EST 2005

I'm having an odd issue with sudo 1.6.8p9 that has
me a little stumped, and I was hoping that somebody 
might have a suggestion. The host where this problem 
is occuring is using NIS with automounted user home 
directories. (Don't ask... :) The /etc/sudoers file 
is the usual 0440 perms, with 0:0 as owner:group. The 
sudoers file contains the following (modified slightly 
to protect our account information):

User_Alias TESTUSERS = brd100a, tuf200d, fix300s

TESTUSERS ALL = (testacct) ALL

the goal being to allow the selected users to be able 
to run:

  % sudo -H -u testacct -s

and thus operate a shell as the testacct. (The 
testacct is also an NIS entry with an automounted home 
directory.) Unfortunately, when one of the TESTUSERS 
tries to do this, after typing in their password they 
get the message back:

  tuf200d is not in the sudoers file. This incident 
  will be reported.

The same occurred for the brd100a and fix300s accounts. 
Likewise a "sudo -l" showed that tuf200d was not in the 
sudoers file.

I tried reproducing this on a system that was running 
NIS, but where the accounts and home directories were 
local. At first the error was repeatable, but after a 
few changes to the TESTUSERS line it started working. 
I then restored the TESTUSERS line and it continued to 
work. Thinking that I'd somehow nudged sudo into 
working, I tried the same changes to sudoers on the 
original host but it stubbornly continued to generate 
the error message.

Has anybody run into this? Could it be something to do 
with account lookups in NIS or possibly a timeout with 
the home directory automount. I've checked the 
troubleshooting pages and the sudoers manuals, but no 
luck. Any suggestions would be appreciated.

Thank you!

  Bob Hall

Bob -- hiddenway.tripod.com/contents.html

Yahoo! DSL – Something to write home about.
Just $16.99/mo. or less.

More information about the sudo-users mailing list