Bug 244874 - cannot run sudo as non root user
Summary: cannot run sudo as non root user
Status: CLOSED WORKSFORME
Alias: None
Product: Fedora
Classification: Fedora
Component: sudo   
(Show other bugs)
Version: 7
Hardware: All
OS: Linux
low
high
Target Milestone: ---
Assignee: Peter Vrabec
QA Contact: Ben Levenson
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-06-19 16:11 UTC by Jeroen Beerstra
Modified: 2007-11-30 22:12 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-24 16:41:23 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
pam default policy (683 bytes, application/octet-stream)
2007-06-24 18:01 UTC, Jeroen Beerstra
no flags Details
pam sudo policy (202 bytes, application/octet-stream)
2007-06-24 18:02 UTC, Jeroen Beerstra
no flags Details

Description Jeroen Beerstra 2007-06-19 16:11:09 UTC
Description of problem: whenever I try to run sudo as a non root user it keeps
asking me for a passwords and eventually bails out.


Version-Release number of selected component (if applicable): sudo-1.6.8p12-14.fc7


How reproducible:


Steps to Reproduce:
1. $sudo ls
2. enter root password 3 times
  
Actual results: sudo will bail out with an error


Expected results: sudo should accept my password


Additional info: I do use pam_mount for my cryptohomes, however it is not
included in either /etc/pam.d/system-auth nor /etc/pam.d/sudo

Comment 1 Peter Vrabec 2007-06-24 16:41:23 UTC
$ sudo grep wheel /etc/sudoers
Password:
## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL
# %wheel        ALL=(ALL)       NOPASSWD: ALL

$ id
uid=500(peter) gid=500(peter) groups=10(wheel),14(uucp),500(peter) 
context=user_u:system_r:unconfined_t

$ rpm -q fedora-release sudo
fedora-release-7-3
sudo-1.6.8p12-14.fc7

check your sudoers file, please.


Comment 2 Jeroen Beerstra 2007-06-24 17:41:47 UTC
$ sudo grep wheel /etc/sudoers
Password:
Sorry, try again.
Password:
Sorry, try again.
Password:
Sorry, try again.
sudo: 3 incorrect password attempts

# sudo grep wheel /etc/sudoers
## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL
# %wheel        ALL=(ALL)       NOPASSWD: ALL

$ id
uid=500(jeroen) gid=500(jeroen) groepen=10(wheel),500(jeroen)
context=user_u:system_r:unconfined_t

$ rpm -q fedora-release sudo
fedora-release-7-3
sudo-1.6.8p12-14.fc7

Strange, very strange, and yes I do know my root password ;)
The funny thing is if I enable this line in /etc/sudoers it does work, however
this is not what I want:

# grep jeroen /etc/sudoers
#jeroen ALL=(ALL)       NOPASSWD: ALL

Comment 3 Jeroen Beerstra 2007-06-24 18:01:20 UTC
Created attachment 157718 [details]
pam default policy

Comment 4 Jeroen Beerstra 2007-06-24 18:02:01 UTC
Created attachment 157719 [details]
pam sudo policy

Comment 5 Jeroen Beerstra 2007-06-24 18:03:20 UTC
Can this be related to pam_mount? I attached my /etc/pam.d/system-auth-ac and
/etc/pam.d/sudo, please be so kind to review these, I'm sure these are like they
should be, but just to make sure.

Comment 6 Peter Vrabec 2007-06-25 11:51:39 UTC
One important thing.
Sudo doesn't ask u for root password, it asks for password of the current 
user.


Comment 7 Jeroen Beerstra 2007-06-25 15:55:17 UTC
Thank you very much, my apologies for my ignorance when it comes to sudo. Been a
Redhat user for about a decade by now, but never really needed sudo.


Note You need to log in before you can comment on or make changes to this bug.