Borresen, John - 0444 - MITLL wrote:
The sudoers rules are being "seen" but not implemented:
# sudo -l -U jdoe
Matching Defaults entries for jdoe on this host:
requiretty, !visiblepw, always_set_home, env_reset, env_keep="COLORS
DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG
LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION
LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE",
env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY",
secure_path=/sbin:/bin:/usr/sbin:/usr/bin
Are those sudoers entries from LDAP?
When user jdoe tries to run a sudo command:
# sudo su -
sudo: sudo_ldap_lookup(0)=0x02
Sorry, try again.
Sorry, try again.
Sorry, try again.
sudo: 3 incorrect password attempts
I guess there's something wrong with your PAM config. Check that.
Also seeing in the log files that
bdb_substring_candidates: (sudoHost) not indexed
This is only meaningful for efficiency and does not say anything about why it fails to work.
Ciao, Michael.