The macosxhints Forums

The macosxhints Forums (http://hintsforums.macworld.com/index.php)
-   UNIX - General (http://hintsforums.macworld.com/forumdisplay.php?f=16)
-   -   sudo password not accepted (http://hintsforums.macworld.com/showthread.php?t=23765)

yellow 05-13-2004 11:36 AM

For me.. (10.3.3)
Code:

yellow% ls -l /usr/bin/sudo
-r-s--x--x    1 root    wheel      96540 Mar 16 09:29 /usr/bin/sudo


George83 05-13-2004 12:37 PM

I ran Disk Utility from the Mac OS X CD, and repaired disk permissions, and so I now get:

Code:

Mac:~ George$ ls -l /usr/bin/sudo
-r-s--x--x  1 root  wheel  107176 12 May 19:30 /usr/bin/sudo

However, sudo still doesn't accept the password :confused:

As an aside, does anyone know why the timestamp on the above output is 2 hours behind the actual system time, as displayed in the menu bar? It doesn't bother me, but I'm just interested to know!

nkuvu 05-13-2004 12:38 PM

Yep, I have the same as yellow and stetner. Well, the date is from when I reinstalled the OS.
-r-s--x--x 1 root wheel 96540 27 Apr 23:14 /usr/bin/sudo

nkuvu 05-13-2004 12:40 PM

Well the permissions are the same, but the file sizes are still different.

yellow 05-13-2004 12:45 PM

Quote:

Originally Posted by nkuvu
Well the permissions are the same, but the file sizes are still different.

I find this to be unusual and possibly problematic. I don't want to be an alarmist, but every Panther machines I've checked all have the same file size.. 96540 bytes. All the Jaguar boxes (at least the 5 I checked) had the same size too, 96384 bytes.
This may be perfectly normal difference between UK/US versions of OSX, I really don't know. So, no panicking.

What does "sudo -V" return?
For me:
Code:

yellow% sudo -V
Sudo version 1.6.6


George83 05-13-2004 01:09 PM

Code:

Mac:~ George$ sudo -V
Sudo version 1.6.3p7

The lastest version is 1.6.7p5. I tried to follow the upgrade instructions (found in the UPGRADE.txt file in the .tar.gz file), but it's over my head.

Is upgrading recommended? If so, simple instructions would be very much appreciated.

Thanks.

yellow 05-13-2004 01:19 PM

I find it very odd that you have an old version of sudo, yet you're running 10.3.3. Even the Jaguar boxes I checked are running 1.6.6.

George83 05-13-2004 02:23 PM

I found this in the FAQ on the sudo web site, but I'm having trouble making any sense of it:


Quote:

Q) When sudo asks me for my password it never accepts what I enter even though I know I entered my password correctly.

A) If your system uses shadow passwords, it is possible that sudo didn't detect this. Take a look at the generated config.h file and verify that the C function used for shadow password lookups was detected. For instance, for SVR4-style shadow passwords, HAVE_GETSPNAM should be defined (you can search for the string "shadow passwords" in config.h with your editor). Note that there is no define for 4.4BSD-based shadow passwords since that just uses the standard getpw* routines.
For starters, where is the config.h file located? It's not in /usr/bin/sudo... Any ideas?

sao 05-13-2004 04:14 PM

Here we go again...

Code:

[pm @ Sao: ~] % grepbom sudo
.................../private/etc/pam.d/sudo      281    Sat Sep 13 08:06:12 2003
./private/etc/sudoers  341    Sat Sep 13 12:29:01 2003
./usr/bin/sudo  96,540  Wed Sep 24 14:48:17 2003
./usr/sbin/visudo      69,592  Wed Sep 24 14:48:17 2003
./usr/share/man/man5/sudoers.5  45,390  Sat Sep 13 12:29:02 2003
./usr/share/man/man8/sudo.8    19,387  Sat Sep 13 12:29:01 2003
./usr/share/man/man8/visudo.8  10,001  Sat Sep 13 12:29:02 2003
./usr/share/zsh/4.1.1/functions/_sudo  650    Sat Sep 13 09:51:06 2003
  ====> /Library/Receipts/Essentials.pkg/Contents/Archive.bom


blb 05-13-2004 04:21 PM

Definitely sounds like something replaced your good sudo with an older version, one that probably doesn't know how to handle 10.3's new shadow password method. The config.h is actually something you would edit when compiling sudo, so you probably won't be finding it on your system.

As sao hints, your best bet is to get sudo out of the Essentials package via something like Pacifist.

George83 05-13-2004 04:45 PM

I opened the Essentials.pkg with Pacifist, Authorized, and then located the 'sudo' file, but it says that 'Package contains no files to extract', and the 'Extract To...' button is grayed-out.

Also, sao, were you 'hinting' that I should extract files other than sudo? I tried typing 'grepbom sudo', but the command is not recognised.

George83 05-13-2004 05:21 PM

OK, I got the file from the Mac OS X install CD, and it works perfectly!

Thanks very much for all your help, guys.

stetner 05-13-2004 07:23 PM

OK, that is great, but the question is where did the bad sudo come from? Had you installed it or has somebody been hacking at your machine?

blb 05-13-2004 07:59 PM

Quote:

Originally Posted by stetner
OK, that is great, but the question is where did the bad sudo come from? Had you installed it or has somebody been hacking at your machine?

Definitely a good question; but do note, the 'bad' sudo already had suid-root permissions, so something had to have root already.

George83 05-13-2004 08:54 PM

I definitely didn't install it, and I doubt it's the latter as I'm behind a hardware firewall (well, at least I hope it's not the latter!).

jeremyg 06-01-2004 07:45 AM

hi,
i have the same problem relating to sudo not working and its only after i installed the "websharing 1.0" update from the apple website (ssh doesnt work anymore either). I take it i need to install the essentials package again or is it the sudo.pkg? I got my panther os shipped with my powerbook so my only two options are re-install osX or software restore and software restore doesnt correct the problem (i ran it to test anyway). So, is there anyway i can get the required package (e.g from a website) or could someone email it to me please if its not too big?
any helps great,
jeremy

blb 06-01-2004 04:20 PM

That Web Sharing Update has the exact size sudo binary George83 reported earlier...

However, that thing really shouldn't be installed on 10.3 (and probably not even 10.2), since it was released in July 2001.

jeremyg 06-02-2004 12:27 AM

i guess he probably installed that as well. It didnt say anything about compatibility with a certain os version so i just ran the instaler for it - big mistake. So..... is it possible to get the package i need to run without re-installing the whole os again?
jeremy

dfmiller 06-09-2004 12:23 PM

Hi, I am in precisely the same situation as our protagonist, George. I have followed your diagnosis through two pages of commands and have generated results identical to those George found. In regard to what I thought was an unrelated matter, I just posted a message to Jeremy (http://forums.macosxhints.com/showthread.php?t=24315) about a problem we are both having with OpenSSL. But your comment about the Web Sharing Update made me realize the cause of the problem for George, Jeremy and me (I think). I have mistakenly installed this update, meant for 10.1, over my 10.3.4. You can probably guess that I don't make my living as a system admin. Assuming that this is the underlying problem for me at least, how can I undo what that installation did? Thanks for your patience.

Whit

hayne 06-09-2004 12:31 PM

Quote:

Originally Posted by dfmiller
how can I undo what that installation did?

The safest thing would be to do an archive and install. I.e. reinstall Jaguar (from your install CDs) but keeping your current user data. You would then need to check Software Update (on the Apple menu) and apply all the updates that it presents to you. And it would be advisable in future to only apply updates as they are presented to you by Software Update - don't apply updates you downloaded manually unless you read very carefully about what they do.

Of course, it is recommended that you make a backup of the files you care about before doing the re-install.


All times are GMT -5. The time now is 05:48 PM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.