[sudo-users] sudo fails after version 1.8.23 upgrade in Centos7
Fory Horio
Fory.Horio at roguewave.com
Thu Dec 6 18:02:53 MST 2018
We have CentOS Linux release 7.6.1810 (Core) with SELINUX enforced with ssh login with "no password login". Users' password are never set.
sudo was upgraded from:
Sudo version 1.8.19p2
to:
Sudo version 1.8.23
After the upgrade, sudo no longer works:
sudo ls
sudo: pam_open_session: System error
sudo: policy plugin failed session initialization
tail -20 /var/log/secure
Dec 7 00:58:23 gw-a2-eu sudo: pam_unix(sudo:account): account shorio has expired (failed to change password)
Dec 7 00:58:23 gw-a2-eu sudo: shorio : TTY=pts/0 ; PWD=/home/shorio ; USER=root ; COMMAND=/bin/ls
Dec 7 00:58:23 gw-a2-eu sudo: PAM pam_set_item: NULL pam handle passed
Dec 7 00:58:23 gw-a2-eu sudo: PAM pam_setcred: NULL pam handle passed
Dec 7 00:58:23 gw-a2-eu sudo: PAM pam_open_session: NULL pam handle passed
Dec 7 00:58:23 gw-a2-eu sudo: shorio : pam_open_session: System error ; TTY=pts/0 ; PWD=/home/shorio ; USER=root ; COMMAND=/bin/ls
In /var/log/audit/audit.log
type=USER_ACCT msg=audit(1544144303.743:379362): pid=767 uid=1003 auid=4294967295 ses=4294967295 subj=unconfined_u:un
confined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=? acct="shorio" exe="/usr/bin/sudo" hostname=?
addr=? terminal=/dev/pts/0 res=failed'
More information about the sudo-users
mailing list