[sudo-users] sudo and PAM and garbage text and sample PAM.
Jeremy C. Reed
reed at reedmedia.net
Thu Feb 3 14:09:07 EST 2005
Some more information:
I used just:
auth required pam_unix.so
montecristo:~$ sudo ls
Password:
sudo: contact your system administrator, ÄÇEüAccount or password is expired
Sorry, try again.
Password:
sudo: contact your system administrator, ÄÉÃUåÿ5$hdè}ÿÿÄÇEüEüxAccount or password is expired
Sorry, try again.
Password:
Sorry, try again.
sudo: 3 incorrect password attempts
montecristo:~$
Above I typed in password correctly two times.
Then I tried:
auth sufficient pam_rootok.so
auth required pam_unix.so
And I never got a chance to type in my password:
montecristo:~$ sudo ls
sudo: contact your system administrator, ÄÇEüAccount or password is expired
Sorry, try again.
sudo: contact your system administrator, ÄÉÃUåÿ5$hdè}ÿÿÄÇEüEüxAccount or password is expired
Sorry, try again.
sudo: contact your system administrator, ÄÉÃUåÿ5$hdè}ÿÿÄÇEüEüxAccount or password is expired
Sorry, try again.
sudo: 3 incorrect password attempts
^[[?1;2c^[[?1;2cmontecristo:~$ 1;2c1;2c
-sh: 1: command not found
-sh: 2c1: command not found
-sh: 2c: command not found
Notice above some junk was sent to command line and bash attempted to run it.
Then I tried:
auth sufficient pam_rootok.so
auth required pam_unix.so
account required pam_unix.so
sudo ls worked -- and no password was typed.
Then I tried:
auth required pam_unix.so
session required pam_unix.so
And I typed in the wrong password three times:
montecristo:~$ sudo ls
Password:
Sorry, try again.
Password:
Sorry, try again.
Password:
Sorry, try again.
sudo: 3 incorrect password attempts
Now I type in the correct password three times:
montecristo:~$ sudo ls
Password:
sudo: contact your system administrator, ÄÇEüAccount or password is expired
Sorry, try again.
Password:
sudo: contact your system administrator, ÄÉÃUåÿ5$hdè}ÿÿÄÇEüEüxAccount or password is expired
Sorry, try again.
Password:
Sorry, try again.
sudo: 3 incorrect password attempts
As far as I can tell, it never works with a password and from one
example above (when it does work) I didn't have to type in a password.
I should be prompted for a password, but I am not!
montecristo:~$ cat /etc/pam.d/sudo
# Begin /etc/pam.d/sudo
auth sufficient pam_rootok.so
auth required pam_unix.so
account required pam_unix.so
session required pam_unix.so
# End /etc/pam.d/sudo
montecristo:~$ sudo id
uid=0(root) gid=0(root) groups=0(root)
Jeremy C. Reed
open source, Unix, *BSD, Linux training
http://www.pugetsoundtechnology.com/
More information about the sudo-users
mailing list