LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Ubuntu
User Name
Password
Ubuntu This forum is for the discussion of Ubuntu Linux.

Notices


Reply
  Search this Thread
Old 06-27-2018, 11:52 AM   #1
coldbeer
Member
 
Registered: May 2006
Location: Orion–Cygnus Arm, MWG
Distribution: Slackware, Ubuntu
Posts: 248

Rep: Reputation: 130Reputation: 130
Ubuntu 18.04 Changing account password in GUI broke sudo


The account name here is "tv".

Set up the account:
# adduser tv
# usermod -a -G sudo tv

Then log into account GUI.
Then upper right screen power icon->tv->account settings-> change password.

Go to terminal:

Code:
$ sudo su
[sudo] password for tv: *******
tv is not in the sudoers file.  This incident will be reported.
tv@c3:~$ su root
Password: ******
root@c3:/home/tv# cat /etc/group | grep sudo
sudo:x:27:tv
And it doesn't matter if I use passwd or usermod again. Says tv is not in sudoers file but it is.

auth.log
Code:
Jun 27 12:44:20 c3 gdm-password]: pam_unix(gdm-password:session): session opened for user tv by (uid=0)
Jun 27 12:44:20 c3 systemd-logind[783]: New session 9 of user tv.
Jun 27 12:44:21 c3 gnome-keyring-daemon[3799]: failed to unlock login keyring on startup
Jun 27 12:44:22 c3 polkitd(authority=local): Registered Authentication Agent for unix-session:9 (system bus name :1.223 [/usr/bin/gnome-shell], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Jun 27 12:44:36 c3 sudo:       tv : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/tv ; USER=root ; COMMAND=/bin/su
Jun 27 12:44:43 c3 su[4289]: Successful su for root by tv
Jun 27 12:44:43 c3 su[4289]: + /dev/pts/0 tv:root
Jun 27 12:44:43 c3 su[4289]: pam_unix(su:session): session opened for user root by (uid=1003)

Last edited by coldbeer; 06-27-2018 at 11:56 AM.
 
Old 06-27-2018, 02:39 PM   #2
michaelk
Moderator
 
Registered: Aug 2002
Posts: 17,484

Rep: Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284
Quote:
tv is not in the sudoers file.
Just like the warning message states the username tv is not in the sudoers file i.e /etc/sudoers which is not the same thing as being in the sudo group.

To add your user to the sudoers file use the visudo command as root.

https://www.digitalocean.com/communi...ntu-and-centos
 
Old 06-27-2018, 02:56 PM   #3
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: Debian, Crux, LFS, AntiX
Posts: 2,163
Blog Entries: 5

Rep: Reputation: 939Reputation: 939Reputation: 939Reputation: 939Reputation: 939Reputation: 939Reputation: 939Reputation: 939
Everything depends on whether the sudo group has already been given full sudo access in /etc/sudoers. If so, adding a new user to that group will give him full sudo access by virtue of his group membership. But if not, then sudo will check the individual user's sudo access and reject him if he is not personally listed in sudoers.
 
Old 06-27-2018, 03:06 PM   #4
coldbeer
Member
 
Registered: May 2006
Location: Orion–Cygnus Arm, MWG
Distribution: Slackware, Ubuntu
Posts: 248

Original Poster
Rep: Reputation: 130Reputation: 130
In /etc/sudoers I have this which works for every account until I change the password as the user in the user's GUI

Code:
# Allow members of group sudo to execute any command
%sudo	ALL=(ALL:ALL) NOPASSWD: ALL
Again in the group file:
Code:
sudo:x:27:tv
And it does work with $ sudo su before I change the password in the GUI. Afterwards it stops working.

For giggles I added this to the sudoers file
Code:
tv      ALL=(ALL:ALL) ALL
Which then when I $ sudo su asks for the password and then is successful. But is not a normal thing. Why would changing my password in the GUI make $ sudo su ignore the sudo group settings?

Last edited by coldbeer; 06-27-2018 at 03:09 PM.
 
Old 06-27-2018, 04:23 PM   #5
michaelk
Moderator
 
Registered: Aug 2002
Posts: 17,484

Rep: Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284
I'm not sure except that you might have to logout then log back in once you change the password.
 
Old 06-27-2018, 08:15 PM   #6
coldbeer
Member
 
Registered: May 2006
Location: Orion–Cygnus Arm, MWG
Distribution: Slackware, Ubuntu
Posts: 248

Original Poster
Rep: Reputation: 130Reputation: 130
I have rebooted the system many times.

Another odd symptom was when I would entered the command $ groups the sudo wasn't there when it was there in the /etc/group file.

Anyways I got it working again.

I remember that while I was trying to change my file with the GUI, I also edited the /etc/pam.d/common-password file to remove the obscure modifier. That when this started.

So I ran
Code:
# pam-auth-update
Disabled all the pam modules, then rebooted, then ran the comand again and reenabled the previous pam modules and rebooted again. It re-wrote the /etc/pam.d /common-password file and now its working again.

And $ groups returns the sudo group and sudo works.

Last edited by coldbeer; 06-27-2018 at 08:16 PM.
 
Old 06-27-2018, 08:17 PM   #7
michaelk
Moderator
 
Registered: Aug 2002
Posts: 17,484

Rep: Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284Reputation: 2284
If desired you can mark the thread as solved using the Thread Tools pull down menu at the top.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to sign in after changing password on an account jamescobban Linux - Security 6 04-27-2017 08:19 AM
[SOLVED] Changing from sudo accounts to a root account with password sniff SUSE / openSUSE 2 11-28-2014 11:27 AM
sudo password not same as root password - ubuntu 11.04. hence can't access partitions daudiam Linux - Newbie 1 09-03-2011 11:02 AM
Can't use sudo, only account that's not root is not a sudo'ers [Ubuntu 9.10] randyriver10 Linux - Desktop 1 01-09-2010 07:56 PM
changing the sudo password? SSJGoku Fedora 1 05-17-2009 06:04 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Ubuntu

All times are GMT -5. The time now is 10:10 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration