Bug 244874 - cannot run sudo as non root user
cannot run sudo as non root user
Status: CLOSED WORKSFORME
Product: Fedora
Classification: Fedora
Component: sudo (Show other bugs)
7
All Linux
low Severity high
: ---
: ---
Assigned To: Peter Vrabec
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-06-19 12:11 EDT by Jeroen Beerstra
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-24 12:41:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
pam default policy (683 bytes, application/octet-stream)
2007-06-24 14:01 EDT, Jeroen Beerstra
no flags Details
pam sudo policy (202 bytes, application/octet-stream)
2007-06-24 14:02 EDT, Jeroen Beerstra
no flags Details

  None (edit)
Description Jeroen Beerstra 2007-06-19 12:11:09 EDT
Description of problem: whenever I try to run sudo as a non root user it keeps
asking me for a passwords and eventually bails out.


Version-Release number of selected component (if applicable): sudo-1.6.8p12-14.fc7


How reproducible:


Steps to Reproduce:
1. $sudo ls
2. enter root password 3 times
  
Actual results: sudo will bail out with an error


Expected results: sudo should accept my password


Additional info: I do use pam_mount for my cryptohomes, however it is not
included in either /etc/pam.d/system-auth nor /etc/pam.d/sudo
Comment 1 Peter Vrabec 2007-06-24 12:41:23 EDT
$ sudo grep wheel /etc/sudoers
Password:
## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL
# %wheel        ALL=(ALL)       NOPASSWD: ALL

$ id
uid=500(peter) gid=500(peter) groups=10(wheel),14(uucp),500(peter) 
context=user_u:system_r:unconfined_t

$ rpm -q fedora-release sudo
fedora-release-7-3
sudo-1.6.8p12-14.fc7

check your sudoers file, please.
Comment 2 Jeroen Beerstra 2007-06-24 13:41:47 EDT
$ sudo grep wheel /etc/sudoers
Password:
Sorry, try again.
Password:
Sorry, try again.
Password:
Sorry, try again.
sudo: 3 incorrect password attempts

# sudo grep wheel /etc/sudoers
## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL
# %wheel        ALL=(ALL)       NOPASSWD: ALL

$ id
uid=500(jeroen) gid=500(jeroen) groepen=10(wheel),500(jeroen)
context=user_u:system_r:unconfined_t

$ rpm -q fedora-release sudo
fedora-release-7-3
sudo-1.6.8p12-14.fc7

Strange, very strange, and yes I do know my root password ;)
The funny thing is if I enable this line in /etc/sudoers it does work, however
this is not what I want:

# grep jeroen /etc/sudoers
#jeroen ALL=(ALL)       NOPASSWD: ALL
Comment 3 Jeroen Beerstra 2007-06-24 14:01:20 EDT
Created attachment 157718 [details]
pam default policy
Comment 4 Jeroen Beerstra 2007-06-24 14:02:01 EDT
Created attachment 157719 [details]
pam sudo policy
Comment 5 Jeroen Beerstra 2007-06-24 14:03:20 EDT
Can this be related to pam_mount? I attached my /etc/pam.d/system-auth-ac and
/etc/pam.d/sudo, please be so kind to review these, I'm sure these are like they
should be, but just to make sure.
Comment 6 Peter Vrabec 2007-06-25 07:51:39 EDT
One important thing.
Sudo doesn't ask u for root password, it asks for password of the current 
user.
Comment 7 Jeroen Beerstra 2007-06-25 11:55:17 EDT
Thank you very much, my apologies for my ignorance when it comes to sudo. Been a
Redhat user for about a decade by now, but never really needed sudo.

Note You need to log in before you can comment on or make changes to this bug.