[sudo-users] "sudo -i" run time error

Divya Thaluru divya.thaluru at gmail.com
Wed Oct 19 11:43:48 MDT 2016 

Hi,

When I do "sudo -i" , I am hitting the error "policy plugin failed session
initialization". I have added debug log and pam configuration. The fix may
be as simple as fixing configuration, but I am not able to figure it out.
Can someone point me  what I am missing here?


*root at photon-437e02e08141 [ *~* ]# *sudo -i

sudo: policy plugin failed session initialization

>From sudo debug log:

Oct 19 17:22:43 sudo[4358] -> policy_init_session @ ./sudo.c:1322

Oct 19 17:22:43 sudo[4358] -> sudoers_policy_init_session @ ./policy.c:680

Oct 19 17:22:43 sudo[4358] -> sudo_auth_begin_session @
./auth/sudo_auth.c:341

Oct 19 17:22:43 sudo[4358] -> sudo_pam_begin_session @ ./auth/pam.c:223

Oct 19 17:22:43 sudo[4358] pam_setcred: Failure setting user credentials @
sudo_pam_begin_session() ./auth/pam.c:268

Oct 19 17:22:43 sudo[4358] pam_open_session: Cannot make/remove an entry
for the specified session @ sudo_pam_begin_session() ./auth/pam.c:277

Oct 19 17:22:43 sudo[4358] <- sudo_pam_begin_session @ ./auth/pam.c:310 := 3

Oct 19 17:22:43 sudo[4358] <- sudo_auth_begin_session @
./auth/sudo_auth.c:350 := -1

Oct 19 17:22:43 sudo[4358] <- sudoers_policy_init_session @ ./policy.c:686
:= -1

Oct 19 17:22:43 sudo[4358] <- policy_init_session @ ./sudo.c:1340 := -1

Oct 19 17:22:43 sudo[4358] policy plugin failed session initialization @
sudo_execute() ./exec.c:447

Oct 19 17:22:43 sudo[4358] -> sudoers_cleanup @ ./sudoers.c:1164

Oct 19 17:22:43 sudo[4358] <- sudoers_cleanup @ ./sudoers.c:1176



Pam configuration:

*root at photon-437e02e08141 [ *~* ]# *cat /etc/pam.d/sudo

#%PAM-1.0

auth       include      system-auth

account    include      system-account

password   include      system-password

session    include      system-session

session    required     pam_env.so

*root at photon-437e02e08141 [ *~* ]# *cat /etc/pam.d/system-auth

# Begin /etc/pam.d/system-auth


auth      required    pam_unix.so


# End /etc/pam.d/system-auth

*root at photon-437e02e08141 [ *~* ]# *cat /etc/pam.d/system-account

# Begin /etc/pam.d/system-account


account   required    pam_unix.so


# End /etc/pam.d/system-account

*root at photon-437e02e08141 [ *~* ]# *cat /etc/pam.d/system-password

# Begin /etc/pam.d/system-password


# use sha512 hash for encryption, use shadow, and try to use any previously

# defined authentication token (chosen password) set by any prior module

password  requisite   pam_cracklib.so

password  required    pam_unix.so       sha512 shadow try_first_pass


# End /etc/pam.d/system-password

*root at photon-437e02e08141 [ *~* ]# *cat /etc/pam.d/system-session

# Begin /etc/pam.d/system-session


session   required    pam_unix.so

session   required    pam_limits.so

session   optional    pam_systemd.so


# End /etc/pam.d/system-session


Thanks
Divya

More information about the sudo-users mailing list