Re: jessie to stretch upgrade Killed sudo.
On Mon, 06 May 2019 07:29:07 -0500
"Martin McCormick" <martin.m@suddenlink.net> wrote:
> After upgrading 2 older I86 systems to stretch, sudo works on one
> and fails on the other but I am writing about both. The problem
> was probably on the failing system all along but su still allowed
> a su to root under jessie but won't allow it under stretch.
>
> sudo: pam_open_session: Permission denied
> sudo: policy plugin failed session initialization
>
> The first thing I did was classic finger-pointing. I
> de-installed sudo on the limping system and reinstalled it at
> which point the problem persisted. A look at /var/log/auth.log
> tells me something but I am not sure what.
>
> If you look in auth.log, it is peppered with
>
> May 5 13:11:32 audio3 sudo: PAM no modules loaded for `sudo' service
>
> This occurs both before and after the upgrade which
> succeeds before and fails after.
>
> The other system which totally survived the upgrade never
> shows this message so it seems that the pam service is partly
> broken on one and OK on the other. Right now, I can ssh in to
> the broken system and do anything but sudo commands. What is the
> safest way to rescue the system while still remotely attached via
> ssh?
>
> As I said, the problem may have been here for quite some
> time so the upgrade didn't cause it. It just accentuates it
> since sudo now complains.
> Thanks for all constructive ideas.
>
>
> Martin McCormick WB5AGZ
>
I don't use sudo myself (I consider ita security risk). So, have
little experience with it, but the first thing I'd check is "Are you a
'permitted' user?" You have to be to use it. Whether this permission
is part of policy or there is a config file somewhere or both, I don't
know. Start with "man sudo."
B
Reply to: