[sudo-users] Sudo Question

Mark Tso marktso777 at gmail.com
Thu Aug 5 18:47:23 EDT 2010


I am using a PAM module from
http://www.dm.unibo.it/~donatini/admin/libnss_ato/.  With this PAM, I don't
need to define my  test users in /etc/passwd/shadow or nis or nis+ or ldap.
I have a OTP PAM configured for ssh and that's working great.

In short, with this PAM module, all the users are now mapped to one
functional account (test).

When userA logs he sees:
$ id
uid=1000(test) gid=1000(test)
$ echo $LOGNAME
$ echo $SUDO_USER
$ sudo cat /etc/shadow
[sudo] enter password for test:

I don't want sudo to prompt for the functional account (test) password. I
want it to prompt the userA's password. It should say:

How do I change this to:

$ sudo cat /etc/shadow
[sudo] enter password for userA:

Once I figure that out, I need userA to have the ability to scsu and userB
should get denied.

Thanks in advance


More information about the sudo-users mailing list