I have a fresh installation of CentOS 6.8 joined to a FreeIPA 4.3.0 domain on 
Fedora 23.

When I try to sudo on this host, it fails.  Here are the log entries from 
/var/log/secure.  Note that we have several hundred CentOS 6.5-6.7 machines 
where this works fine.

Is this a new bug in CentOS 6.8?

Jun  7 20:14:48 cass1 sudo: pam_unix(sudo:auth): authentication failure; 
logname=nathan.peters uid=756600344 euid=0 tty=/dev/pts/0 ruser=nathan.peters 
rhost=  user=nathan.peters
Jun  7 20:14:48 cass1 sudo: pam_sss(sudo:auth): authentication success; 
logname=nathan.peters uid=756600344 euid=0 tty=/dev/pts/0 ruser=nathan.peters 
rhost= user=nathan.peters
Jun  7 20:14:48 cass1 sudo: nathan.peters : user NOT authorized on host ; 
TTY=pts/0 ; PWD=/home/nathan.peters ; USER=root ; COMMAND=/bin/su -
Jun  7 20:15:22 cass1 sudo: pam_unix(sudo-i:auth): conversation failed
Jun  7 20:15:22 cass1 sudo: pam_unix(sudo-i:auth): auth could not identify 
password for [nathan.peters]
Jun  7 20:15:22 cass1 sudo: pam_sss(sudo-i:auth): authentication failure; 
logname=nathan.peters uid=756600344 euid=0 tty=/dev/pts/0 ruser=nathan.peters 
rhost= user=nathan.peters
Jun  7 20:15:22 cass1 sudo: pam_sss(sudo-i:auth): received for user 
nathan.peters: 7 (Authentication failure)
Jun  7 20:15:22 cass1 sudo: nathan.peters : user NOT authorized on host ; 
TTY=pts/0 ; PWD=/home/nathan.peters ; USER=root ; COMMAND=/bin/bash
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to