RE: [gentoo-user] sudo requires password twice
Can someone paste/send me their (stock) /etc/pam.d/sudo file? I don't do anything fancy and haven't purposefully edited this file, so I just want whatever the standard (current) Gentoo version is. This double prompting is very frustrating... DÆVID -Original Message- From: Boyd Stephen Smith Jr. [mailto:[EMAIL PROTECTED] Sent: Thursday, October 05, 2006 5:46 PM To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] sudo requires password twice On Thursday 05 October 2006 16:36, Daevid Vincent [EMAIL PROTECTED] wrote about 'RE: [gentoo-user] sudo requires password twice': I've not figured this out yet, so reposting in case someone has any ideas... Hrm, I either never got the original (not surprising) of I was just skimming my mail to quickly and missed your question (even less surprising). auth required /lib/security/pam_stack.so service=system-auth This line... authinclude system-auth and this one are redundant. They both run through the system-auth chain as part of authentication. In effect you are telling PAM that any sudo authentication needs to do system authentication twice w/ whatever pam_nologin does in between. You'll want to remove one or the other, after investigating any subtle differences between the two that I'm unaware of, which may or may not exist. (I haven't messed with PAM in months.) -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] sudo requires password twice
On Tuesday 07 November 2006 20:39, Daevid Vincent [EMAIL PROTECTED] wrote about 'RE: [gentoo-user] sudo requires password twice': Can someone paste/send me their (stock) /etc/pam.d/sudo file? Sent via private mail. -- If there's one thing we've established over the years, it's that the vast majority of our users don't have the slightest clue what's best for them in terms of package stability. -- Gentoo Developer Ciaran McCreesh pgpHTXUmgkh5q.pgp Description: PGP signature
RE: [gentoo-user] sudo requires password twice
I've not figured this out yet, so reposting in case someone has any ideas... I did find this link: http://www.mail-archive.com/openpkg-users@openpkg.org/msg01747.html But I tried to add this: authrequiredtry_first_pass To my /etc/pam.d/sudo file and it didn't work. Did I do that wrong? This is my current file (default) # File autogenerated by pamd_mimic_system in pam eclass auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so authinclude system-auth account include system-auth passwordinclude system-auth session include system-auth And I'm using app-admin/sudo 1.6.8_p9-r2 and sys-libs/pam 0.78-r5 DÆVID -Original Message- From: Daevid Vincent [mailto:[EMAIL PROTECTED] Sent: Sunday, June 11, 2006 10:44 PM To: gentoo-user@lists.gentoo.org Subject: RE: [gentoo-user] sudo requires password twice Just a little more info on this. I noticed on my server which I've not done the pam/shadow update emerge yet, this same anomolie occurs... Any ideas on why? -Original Message- From: Daevid Vincent [mailto:[EMAIL PROTECTED] Sent: Friday, June 09, 2006 2:46 PM To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] sudo requires password twice I recently did an update world and had that 'pam'/'shadow' issue. Followed these pages: http://planet.gentoo.org/developers/flameeyes/2006/03/19/the_s hadow_and_pam_ login_conflict http://www.mail-archive.com/gentoo-user@lists.gentoo.org/msg35692.html Everything seems fine. I've rebooted many times since. I can login from ssh or console. One odd behaviour: [EMAIL PROTECTED] ~ $ sudo ifconfig Password: Password: eth0 Link encap:Ethernet HWaddr 00:08:74:E0:5C:3B inet addr:172.16.35.234 Bcast:172.16.63.255 Mask:255.255.224.0 ... Whenever I first type 'sudo' I am prompted twice?! Then of course sudo remembers me for 5 minutes or whatever the timeout is, so subsequent 'sudo' calls are not prompted. I don't know if this is relevant, but perhaps it has to do with the pam thing above? locutus ~ # cat /etc/pam.d/sudo # File autogenerated by pamd_mimic_system in pam eclass auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so authinclude system-auth account include system-auth passwordinclude system-auth session include system-auth ÐÆ5ÏÐ -- gentoo-user@gentoo.org mailing list -- gentoo-user@gentoo.org mailing list -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] sudo requires password twice
On Thursday 05 October 2006 16:36, Daevid Vincent [EMAIL PROTECTED] wrote about 'RE: [gentoo-user] sudo requires password twice': I've not figured this out yet, so reposting in case someone has any ideas... Hrm, I either never got the original (not surprising) of I was just skimming my mail to quickly and missed your question (even less surprising). auth required /lib/security/pam_stack.so service=system-auth This line... authinclude system-auth and this one are redundant. They both run through the system-auth chain as part of authentication. In effect you are telling PAM that any sudo authentication needs to do system authentication twice w/ whatever pam_nologin does in between. You'll want to remove one or the other, after investigating any subtle differences between the two that I'm unaware of, which may or may not exist. (I haven't messed with PAM in months.) -- If there's one thing we've established over the years, it's that the vast majority of our users don't have the slightest clue what's best for them in terms of package stability. -- Gentoo Developer Ciaran McCreesh pgpgo3GQfuNsH.pgp Description: PGP signature
RE: [gentoo-user] sudo requires password twice
Just a little more info on this. I noticed on my server which I've not done the pam/shadow update emerge yet, this same anomolie occurs... Any ideas on why? -Original Message- From: Daevid Vincent [mailto:[EMAIL PROTECTED] Sent: Friday, June 09, 2006 2:46 PM To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] sudo requires password twice I recently did an update world and had that 'pam'/'shadow' issue. Followed these pages: http://planet.gentoo.org/developers/flameeyes/2006/03/19/the_s hadow_and_pam_ login_conflict http://www.mail-archive.com/gentoo-user@lists.gentoo.org/msg35692.html Everything seems fine. I've rebooted many times since. I can login from ssh or console. One odd behaviour: [EMAIL PROTECTED] ~ $ sudo ifconfig Password: Password: eth0 Link encap:Ethernet HWaddr 00:08:74:E0:5C:3B inet addr:172.16.35.234 Bcast:172.16.63.255 Mask:255.255.224.0 ... Whenever I first type 'sudo' I am prompted twice?! Then of course sudo remembers me for 5 minutes or whatever the timeout is, so subsequent 'sudo' calls are not prompted. I don't know if this is relevant, but perhaps it has to do with the pam thing above? locutus ~ # cat /etc/pam.d/sudo # File autogenerated by pamd_mimic_system in pam eclass auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so authinclude system-auth account include system-auth passwordinclude system-auth session include system-auth ÐÆ5ÏÐ -- gentoo-user@gentoo.org mailing list -- gentoo-user@gentoo.org mailing list
