sudo in Debian squeeze inside linux-vserver always wants password

Posted by mark on Server Fault See other posts from Server Fault or by mark
Published on 2012-07-09T11:33:12Z Indexed on 2012/07/10 9:17 UTC
Read the original article Hit count: 298

Every since I upgraded all my linux-vserver Debian guests from Lenny to Squeeze I've the apparent problem that whenever I want to use sudo it asks me for my password. Every time.

I've configured sudo to have a timeout of 30 minutes: Defaults timestamp_timeout=30 . This has been configured when it was still Lenny (note: as suggested by EightBitTony I've also tried without this setting -> no change).

I've a hard time figuring out what the problem here is, since I think my configuration is right.

I thought about it being a problem with the file used to record the timestamp, maybe a permission issue, but was unlucky to find any hard evidence. I've compared the contents of /var/lib/sudo/ between a working and a non-working system but couldn't spot any difference. The version of sudo used in both environments is 1.7.4p4-2.squeeze.3.

My non-working system(s):

find /var/lib/sudo/ -ls
17319289    4 drwx------   4 root     root         4096 Jan  1  1985 /var/lib/sudo/
17319286    4 drwx------   2 root     mark         4096 Jan  1  1985 /var/lib/sudo/mark  
17319312    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/6
17319361    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/9
17319490    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/10
17319326    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/4
17319491    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/2

A working system:

find /var/lib/sudo -ls
2598921    4 drwx------   5 root     root         4096 Jan  1  1985 /var/lib/sudo
1999522    4 drwx------   2 root     mark         4096 Jan  1  1985 /var/lib/sudo/mark    
2000781    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/8
1998998    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/17
1999459    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/26
1998930    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/24
2000771    4 -rw-------   1 root     mark           40 Jun 25 11:39 /var/lib/sudo/mark/4
2000773    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/5
1999223    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/0
1998908    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/14
2000769    4 -rw-------   1 root     mark           40 Jul  9 13:30 /var/lib/sudo/mark/2
2000770    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/3
2000782    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/9
2000778    4 -rw-------   1 root     mark           40 Jul  8 00:11 /var/lib/sudo/mark/7
1998892    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/19
1999264    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/23
2000789    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/12
1999093    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/25
1998880    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/18
1998853    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/20
2000790    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/15
1998878    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/16
1998874    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/13
2000774    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/6
2000786    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/11
1998893    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/22
2000783    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/10
1998949    4 -rw-------   1 root     mark           40 Jan  1  1985 /var/lib/sudo/mark/1

Despite the obvious (some up2date timestamps on the working system) I don't see anything wrong here, so it could be as well be a wrong track.

Here's my current /etc/sudoers:

# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#

Defaults        env_reset

# Host alias specification

# User alias specification
User_Alias FULLADMIN = user1, user2, user3

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL) ALL
FULLADMIN ALL = (ALL) ALL

# Allow members of group sudo to execute any command
# (Note that later entries override this, so you might need to move
# it further down)
%sudo ALL=(ALL) ALL
#
#includedir /etc/sudoers.d
#Defaults always_set_home,timestamp_timeout=30

© Server Fault or respective owner

Related posts about debian

Related posts about sudo