X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=TROUBLESHOOTING;h=57e20127b4cb84bbf766c9eaa1ec85bc065fb94e;hb=35e75111658450b5f1c03f76bf2c696fbf8d0160;hp=94a93ccbcd44e69c456cec01dfda115c0f882f10;hpb=26b91e48d9297ef94e92d8501f12b1516096a940;p=debian%2Fsudo diff --git a/TROUBLESHOOTING b/TROUBLESHOOTING index 94a93cc..57e2012 100644 --- a/TROUBLESHOOTING +++ b/TROUBLESHOOTING @@ -17,28 +17,32 @@ A) Sudo must be setuid root to do its work. You need to do something like your $PATH before the directory containing sudo. If you are going to have '.' in your path you should make sure it is at the end. -Q) Sudo compiles but when I run it I get "seteuid(0) failed, your operating - system may have broken POSIX saved ID support\nTry running configure with - --disable-saved-ids" and sudo quits. -A) The operating system you are running probably has broken support for - POSIX saved IDs. You should run configure with the "--disable-saved-ids" - option and rebuild sudo. - Q) Sudo never gives me a chance to enter a password using PAM, it just - says 'Sorry, try again.' three times and quits. -A) You didn't setup PAM to work with sudo. On Linux this generally - means installing sample.pam as /etc/pam.d/sudo. + says 'Sorry, try again.' three times and exits. +A) You didn't setup PAM to work with sudo. On Redhat Linux or Fedora + Core this generally means installing sample.pam as /etc/pam.d/sudo. + See the sample.pam file for hints on what to use for other Linux + systems. + +Q) Sudo says 'Account expired or PAM config lacks an "account" + section for sudo, contact your system administrator' and exits + but I know my account has not expired. +A) Your PAM config lacks an "account" specification. On Linux this + usually means you are missing a line like: + account required pam_unix.so + in /etc/pam.d/sudo. Q) Sudo is setup to log via syslog(3) but I'm not getting any log messages. A) Make sure you have an entry in your syslog.conf file to save the sudo messages (see the sample.syslog.conf file). The default - log facility is local2 (changeable via configure). Don't forget - to send a SIGHUP to your syslogd so that it re-reads its conf file. - Also, remember that syslogd does *not* create log files, you need to - create the file before syslogd will log to it (ie: touch /var/log/sudo). - Note: the facility ("local2.debug") must be separated from the - destination ("/var/adm/sudo.log" or "@loghost") by + log facility is authpriv (changeable via configure or in sudoers). + Don't forget to send a SIGHUP to your syslogd so that it re-reads + its conf file. Also, remember that syslogd does *not* create + log files, you need to create the file before syslogd will log + to it (ie: touch /var/log/sudo). + Note: the facility (e.g. "auth.debug") must be separated from the + destination (e.g. "/var/log/auth" or "@loghost") by tabs, *not* spaces. This is a common error. Q) When sudo asks me for my password it never accepts what I enter even @@ -155,11 +159,14 @@ A) "cd" is a shell built-in command, you can't run it as a command Q) When I try to use "cd" with sudo the command completes without errors but nothing happens. -A) Some SVR4-derived OS's include a /usr/bin/cd command for reasons - unfathomable. A "cd" command is totally useless since a child process - cannot affect the current working directory of the parent (your shell). - -Q) When I run sudo it says I am not alllowed to run the command as root +A) Even though "cd" is a shell built-in command, some operating systems + include a /usr/bin/cd command for some reason. A standalone + "cd" command is totally useless since a child process (cd) cannot + affect the current working directory of the parent (your shell). + Thus, "sudo cd /foo" will start a child process, change the + directory and immediately exit without doing anything useful. + +Q) When I run sudo it says I am not allowed to run the command as root but I don't want to run it as root, I want to run it as another user. My sudoers file entry looks like: bob ALL=(oracle) ALL @@ -171,5 +178,14 @@ A) The default user sudo tries to run things as is always root, even if Defaults:bob runas_default=oracle would achieve the desired result ofr the preceding sudoers fragment. +Q) When I try to run sudo via ssh, I get the error: + sudo: no tty present and no askpass program specified +A) ssh does not allocate a tty by default when running a remote command. + Without a tty, sudo cannot disable echo when prompting for a password. + You can use ssh's "-t" option to force it to allocate a tty. + Alternately, if you do not mind your password being echoed to the + screen, you can use the "visiblepw" sudoers option to allow this. + Q) How do you pronounce `sudo'? -A) soo-doo (for superuser do). +A) The official pronunciation is soo-doo (for su "do"). However, an + alternate pronunciation, a homophone of "pseudo", is also common.