Help for PAM when account section is missing
This commit is contained in:
Todd C. Miller
@@ -18,9 +18,19 @@ A) Sudo must be setuid root to do its work. You need to do something like
|
|||||||
to have '.' in your path you should make sure it is at the end.
|
to have '.' in your path you should make sure it is at the end.
|
||||||
|
|
||||||
Q) Sudo never gives me a chance to enter a password using PAM, it just
|
Q) Sudo never gives me a chance to enter a password using PAM, it just
|
||||||
says 'Sorry, try again.' three times and quits.
|
says 'Sorry, try again.' three times and exits.
|
||||||
A) You didn't setup PAM to work with sudo. On Linux this generally
|
A) You didn't setup PAM to work with sudo. On Redhat Linux or Fedora
|
||||||
means installing sample.pam as /etc/pam.d/sudo.
|
Core this generally means installing sample.pam as /etc/pam.d/sudo.
|
||||||
|
See the sample.pam file for hints on what to use for other Linux
|
||||||
|
systems.
|
||||||
|
|
||||||
|
Q) Sudo says 'Account expired or PAM config lacks an "account"
|
||||||
|
section for sudo, contact your system administrator' and exits
|
||||||
|
but I know my account has not expired.
|
||||||
|
A) Your PAM config lacks an "account" specification. On Linux this
|
||||||
|
usually means you are missing a line like:
|
||||||
|
account required pam_unix.so
|
||||||
|
in /etc/pam.d/sudo.
|
||||||
|
|
||||||
Q) Sudo is setup to log via syslog(3) but I'm not getting any log
|
Q) Sudo is setup to log via syslog(3) but I'm not getting any log
|
||||||
messages.
|
messages.
|
||||||
|
|||||||
Reference in New Issue
Block a user