[sudo-users] sudo and PAM and garbage text and sample PAM.
Todd C. Miller
Todd.Miller at courtesan.com
Wed Feb 2 19:24:01 EST 2005
In message <Pine.LNX.4.43.0502021538350.32296-100000 at pilchuck.reedmedia.net>
so spake "Jeremy C. Reed" (reed):
> And now sudo prompted me, but failed:
>
> reed at puget:~$ sudo ls
> Password:
> sudo: contact your system administrator, ÄÇEüAccount or password is expired
> Sorry, try again.
> Password:
> Notice the strange character codes (\xc4\xc7E\xfc) above.
That should be:
sudo: Account or password is expired, contact your system administrator
Looking at the code I don't see an obvious problem but I'll try and
reproduce with a Linux PAM system of my own.
> So now I just copied my /etc/pam.d/su to sudo and it worked. It has:
>
> auth sufficient pam_rootok.so
> auth required pam_unix.so
> account required pam_unix.so
> session required pam_unix.so
I believe it is the "session" part that you were missing. Unfortunately,
each Linux distro seems to have a different PAM setup so there is
no way to distribute a sudo PAM file that will work with them all.
- todd
More information about the sudo-users
mailing list