[SOLVED] sudo appears to be using shadow authentication (Slackware64 -current)

pghvlaans · 03-13-2021, 07:05 AM

EDIT: Fixed in the rebuilt version. Thanks, Pat!

Hey, folks. I posted about this in the requests thread, but it got buried. In the interest of saving space, the details are in the original post. The short version is that sudo on -current appears to be using shadow authentication instead of PAM authentication for 64-bit systems because LIBDIRSUFFIX is not set in the SlackBuild.

I did a little poking around by compiling sudo with PAM and with shadow and testing both versions against the stock package. A script ran "time sudo id" 1000 times and found the average; the test was run five times for each version of the package. These were the results:

Quote:

stock average: 0.007203
PAM average: 0.025647
PAM average: 0.023268
shadow average: 0.007461
stock average: 0.007343
shadow average: 0.00431
shadow average: 0.004293
shadow average: 0.004641
PAM average: 0.02575
PAM average: 0.015216
PAM average: 0.0212
stock average: 0.004787
stock average: 0.004099
stock average: 0.004298
shadow average: 0.00448

So, at least on my system, it looks as though sudo behaves like it uses shadow instead of PAM. Can anyone confirm the results? The script used and a patch to add LIBDIRSUFFIX to the sudo SlackBuild are attached.

jr_bob_dobbs · 03-13-2021, 07:29 AM

Is this a bad thing?

pghvlaans · 03-13-2021, 07:35 AM

Not necessarily, just if you care about PAM.

I wouldn't have brought it up, but the SlackBuild contains code for detecting a PAM installation, so it's probably meant to run that way. Also, it would use PAM authentication if compiled on a 32-bit system.