Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
02-09-2006, 09:43 AM
|
#1
|
|
Member
Registered: Jun 2005
Posts: 374
Rep: 
|
sudo problem
Hi,
I'm running Suse 10 and have domain authentication working correctly via samba+winbind+kerberos. I can log on via ssh as administrator of the domain or locally via console. I've added the following line to sudoers:
Code:
administrator ALL=(ALL) ALL
but I still can't "sudo su". I get the message:
Code:
sudo: pam_authenticate: User not known to the underlying authentication module
I've checked the pam for sudo and it references the four common-* files which ssh and login also use so this should just work.
This all works on another gentoo machine.
What have I missed? |
|
|
|
|
02-09-2006, 10:25 AM
|
#2
|
|
Senior Member
Registered: Feb 2004
Location: England
Distribution: Slackware 14.2
Posts: 1,491
Rep:
|
can you run other sudo function e.g. sudo cat /etc/passwd
or is just switching user (su) and the associated authentication.....
|
|
|
|
|
02-09-2006, 10:28 AM
|
#3
|
|
Member
Registered: Jun 2005
Posts: 374
Original Poster
Rep:
|
no, it's a sudo problem, I can't do "sudo bash" either and the error is always the same from the sudo pam_authentication not finding the domain user, even though it appears in getent passwd and wbinfo -u and I am logged in as that user via SSH...
|
|
|
|
|
02-09-2006, 10:45 AM
|
#4
|
|
Senior Member
Registered: Feb 2004
Location: England
Distribution: Slackware 14.2
Posts: 1,491
Rep:
|
does it work when you are logged in locally?
|
|
|
|
|
02-09-2006, 10:50 AM
|
#5
|
|
Member
Registered: Jun 2005
Posts: 374
Original Poster
Rep:
|
ok sorted it, there were a couple of sneaky lines that this stupid suse machine had in there by default, removed them and all is working now, thanks. The lines were:
Code:
Defaults targetpw # ask for the password of the target user i.e. root
%users ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'
|
|
|
|
|
02-09-2006, 10:51 AM
|
#6
|
|
Senior Member
Registered: Feb 2004
Location: England
Distribution: Slackware 14.2
Posts: 1,491
Rep:
|
lol, i would have told you that if you had posted the entire file.
then again i hate those posts that give, say, an entire xorg.conf and then say 'so what's going wrong here guys'
|
|
|
|
|
02-09-2006, 11:01 AM
|
#7
|
|
Member
Registered: Jun 2005
Posts: 374
Original Poster
Rep:
|
yeah me too, who can be bothered to read whole xorg.conf when you can usually point to problem by symptom. Although here, because I'm confident in this, I didn't think my stuff was wrong, which is wasn't, but I didn't see the lines at the top of the file, I later just spotted them by accident after much frustration. Usually there is nothing enabled so you don't have to strip things out, don't know what was going on there, fresh suse machine...
will know to be more thorough next time!
thanks for helping...
|
|
|
|
All times are GMT -5. The time now is 02:39 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
