[sudo-users] sudo and PAM and garbage text and sample PAM.

Jeremy C. Reed reed at reedmedia.net
Thu Feb 3 14:09:07 EST 2005


Some more information:

I used just:
 auth    required        pam_unix.so

montecristo:~$ sudo ls
Password:
sudo: contact your system administrator, ÄÇEüAccount or password is expired
Sorry, try again.
Password:
sudo: contact your system administrator, ÄÉÃUåÿ5$hdè}ÿÿÄÇEüEüxAccount or password is expired
Sorry, try again.
Password:
Sorry, try again.
sudo: 3 incorrect password attempts
montecristo:~$

Above I typed in password correctly two times.

Then I tried:

auth    sufficient      pam_rootok.so
auth    required        pam_unix.so

And I never got a chance to type in my password:

montecristo:~$ sudo ls
sudo: contact your system administrator, ÄÇEüAccount or password is expired
Sorry, try again.
sudo: contact your system administrator, ÄÉÃUåÿ5$hdè}ÿÿÄÇEüEüxAccount or password is expired
Sorry, try again.
sudo: contact your system administrator, ÄÉÃUåÿ5$hdè}ÿÿÄÇEüEüxAccount or password is expired
Sorry, try again.
sudo: 3 incorrect password attempts
^[[?1;2c^[[?1;2cmontecristo:~$ 1;2c1;2c
-sh: 1: command not found
-sh: 2c1: command not found
-sh: 2c: command not found

Notice above some junk was sent to command line and bash attempted to run it.

Then I tried:

auth    sufficient      pam_rootok.so
auth    required        pam_unix.so
account required        pam_unix.so

sudo ls worked -- and no password was typed.

Then I tried:

auth    required        pam_unix.so
session required        pam_unix.so

And I typed in the wrong password three times:

montecristo:~$ sudo ls
Password:
Sorry, try again.
Password:
Sorry, try again.
Password:
Sorry, try again.
sudo: 3 incorrect password attempts

Now I type in the correct password three times:

montecristo:~$ sudo ls
Password:
sudo: contact your system administrator, ÄÇEüAccount or password is expired
Sorry, try again.
Password:
sudo: contact your system administrator, ÄÉÃUåÿ5$hdè}ÿÿÄÇEüEüxAccount or password is expired
Sorry, try again.
Password:
Sorry, try again.
sudo: 3 incorrect password attempts


As far as I can tell, it never works with a password and from one
example above (when it does work) I didn't have to type in a password.

I should be prompted for a password, but I am not!

montecristo:~$ cat /etc/pam.d/sudo
# Begin /etc/pam.d/sudo
auth    sufficient      pam_rootok.so
auth    required        pam_unix.so
account required        pam_unix.so
session required        pam_unix.so
# End /etc/pam.d/sudo
montecristo:~$ sudo id
uid=0(root) gid=0(root) groups=0(root)

 Jeremy C. Reed

 	  	 	 open source, Unix, *BSD, Linux training
	  	 	 http://www.pugetsoundtechnology.com/





More information about the sudo-users mailing list