Open Source Development

Power Open Source Development

Explore the open source tools and capabilities for building and deploying modern applications on IBM Power platforms including AIX, IBM i, and Linux.


#Power


#Power

 View Only

  • 1.  sudo kerberos auth

    Posted Tue June 25, 2019 05:20 PM

    Originally posted by: james.franznick


    When I switched from using Perzl sudo to IBM sudo my authentication to kerberos no longer works. I get the following error using both IBM sudo and sudo_ids. If I reinstall Perzl sudo it works fine

    sudo -u root -i
    Password:
    [LDAP]: Your encrypted password is invalid.
    Only the system administrator can change this password.

    rpm -q sudo_ids
    sudo_ids-1.8.27-2.ppc

     

     

     


    #AIX-Open-Source-Software
    #AIXOpenSource


  • 2.  Re: sudo kerberos auth

    Posted Wed June 26, 2019 02:52 AM

    Originally posted by: sangameshm


    What is the auth_type entry you have it in /etc/security/login.cfg ?

    Please could you try testing by changing the STD_AUTH and PAM_AUTH and how sudo behaves.

    If we have PAM_AUTH entry then we need some additional entry in /etc/pam.conf.

    sudo   auth      required      /usr/lib/security/pam_aix
    sudo   account   required      /usr/lib/security/pam_aix
    sudo   password  required      /usr/lib/security/pam_aix
    sudo   session   required      /usr/lib/security/pam_aix

     

    sudo now built with PAM support and if we have PAM_AUTH then we need to have all required entries.


    #AIX-Open-Source-Software
    #AIXOpenSource


Related Content