[sudo-users] no tty present and no askpass program specified
Gonzalez, Aliep
aliep.gonzalez at rbc.com
Tue Nov 1 10:17:46 EDT 2011
Hello list
Environment: sudo 1.7.4p6 on Solaris 10 update 9.
I have an application user (uyqn0001) that logs in to the system in a
non-interactive mode (through a utility called Universal Command) and
tries to execute a command as another user (dspace), as shown below:
/bin/su - dspace -c cd /u/app/dspace/batch/feeds/monaco ;
./MonacoTradeInactiveDataCleanup.sh
That used to be working fine for years, until the server was upgraded
from Solaris 10 update 7 to update 9. At that point, the job started
failing with:
sudo: [ID 702911 auth.alert] uyqn0001 : no tty present and no askpass
program specified ; TTY=unknown ; PWD=/home/uyqn0001 ; USER=root ;
COMMAND=/bin/su - dspace -c cd /u/app/dspace/batch/feeds/monaco ;
./MonacoTradeInactiveDataCleanup.sh
Setting "Defaults visiblepw" in /etc/sudoers seems the suggested
solution for this issue. However, when I do so, sudo throws the below
error:
sudo: [ID 702911 auth.alert] uyqn0001 : pam_authenticate: Conversation
failure ; TTY=unknown ; PWD=/home/uyqn0001 ; USER=root ; COMMAND=/bin/su
- dspace -c cd /u/app/dspace/batch/feeds/monaco ;
./MonacoTradeInactiveDataCleanup.sh
Has anybody out there seen a similar error before? Below are the
relevant pam.conf entries:
root at usvdspcp1:/usr/lib/security> uname -a
SunOS usvdspcp1 5.10 Generic_142909-17 sun4u sparc SUNW,SPARC-Enterprise
root at usvdspcp1:/usr/lib/security> cat /etc/release
Oracle Solaris 10 9/10 s10s_u9wos_14a SPARC
Copyright (c) 2010, Oracle and/or its affiliates. All rights
reserved.
Assembled 11 August 2010
root at usvdspcp1:/usr/lib/security> grep other /etc/pam.conf
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth required pam_unix_cred.so.1
other auth binding pam_unix_auth.so.1 server_policy
other auth required pam_ldap.so.1
other account requisite pam_roles.so.1
other account binding pam_unix_account.so.1 server_policy
other account required pam_ldap.so.1
other session required pam_unix_session.so.1
other password required pam_dhkeys.so.1
other password requisite pam_authtok_get.so.1
other password requisite pam_authtok_check.so.1
other password required pam_authtok_store.so.1 server_policy
root at usvdspcp1:/usr/lib/security> sudo -V|head -1
Sudo version 1.7.4p6
root at usvdspcp1:/usr/lib/security>
I checked all the pam libraries and none of them was changed during the
upgrade.
Thanks in advance,
AG
_______________________________________________________________________
This email may be privileged and/or confidential, and the
sender does not waive any related rights and obligations.
Any distribution, use or copying of this email or the
information it contains by other than an intended recipient
is unauthorized. If you received this email in error,
please advise the sender (by return email or otherwise)
immediately. You have consented to receive the attached
electronically at the above-noted email address; please retain a
copy of this confirmation for future reference.
Ce courriel est confidentiel et protégé. L'expéditeur ne renonce
pas aux droits et obligations qui s'y rapportent. Toute diffusion,
utilisation ou copie de ce courriel ou des renseignements qu'il
contient par une personne autre que le (les) destinataire(s)
désigné(s) est interdite. Si vous recevez ce courriel par erreur,
veuillez en aviser lexpéditeur immédiatement, par retour de courriel
ou par un autre moyen. Vous avez accepté de recevoir le(s) document(s)
ci-joint(s) par voie électronique à ladresse courriel indiquée ci-dessus;
veuillez conserver une copie de cette confirmation pour les fins de reference future.
More information about the sudo-users
mailing list