How to fix sudo: setreuid(ROOT_UID, user_uid): Operation not permitted error?

Posted by David R. on Ask Ubuntu See other posts from Ask Ubuntu or by David R.
Published on 2012-02-22T19:00:05Z Indexed on 2012/08/30 21:50 UTC
Read the original article Hit count: 386

Filed under:

sudo

|

authentication

|

ldap

I am using LDAP authentication on my Ubuntu 11.10 server. I installed libpam-ldap, and configured things accordingly. It works great, except that I get this error every once in a while when I try to sudo:

sudo: setreuid(ROOT_UID, user_uid): Operation not permitted

I know I have sudoers set up correctly, since it works most of the time. It's not just my log in either, others have the same problem when I have it. When this error is occurring, I can't ssh in with my regular system user at all. When I sign in directly, I can't get any gnome-terminal to start.

Once I restart the server, the problem goes away. 'Course, that's not a solution, if it was a prod server, I'd be in trouble.

How do I fix this?

Edit 3/1/12: I just figured out that if stop and start the nscd service, the problem goes away.

service nscd stop
service nscd start

Not much of a solution since I have to be logged into the server directly, not via ssh.

© Ask Ubuntu or respective owner

Related posts about sudo

Error after sudo-ing "sudo: must be setuid root"

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
On a colleagues computer, everytime I use a sudo command, I get this error: sudo: must be setuid root I tried various things mentioned on the internet, like changing the permissions to 4755 from a live cd, but even this command from a live-cd sudo chmod 4755 /media/device/usr/bin/sudo gives the… >>> More
any clue in these logs why keyboard audio and internet are messed up

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Jun 7 00:01:18 Isis lightdm: pam_unix(lightdm-autologin:session): session opened for user mimi by (uid=0) Jun 7 00:01:18 Isis lightdm: pam_ck_connector(lightdm-autologin:session): nox11 mode, ignoring PAM_TTY :0 Jun 7 00:01:26 Isis polkitd(authority=local): Registered Authentication Agent for… >>> More
Sudo yum seems to fail on CentOS, but works fine after sudo -i

as seen on Server Fault - Search for 'Server Fault'
I am currently having some trouble with yum through sudo. For some reason, it does not seem to work: aron@graviton [/var/log]# sudo yum clean all There was a problem importing one of the Python modules required to run yum. The error leading to this problem was: /usr/lib64/python2.4/lib-dynload/datetime… >>> More
sudo in Debian squeeze inside linux-vserver always wants password

as seen on Server Fault - Search for 'Server Fault'
Every since I upgraded all my linux-vserver Debian guests from Lenny to Squeeze I've the apparent problem that whenever I want to use sudo it asks me for my password. Every time. I've configured sudo to have a timeout of 30 minutes: Defaults timestamp_timeout=30 . This has been configured when it… >>> More
Ubuntu - Security - Sudo disable password :: What difference in security if sudo will not requere pa

as seen on Super User - Search for 'Super User'
Hi, What difference in security of UBUNTU if sudo will not require password? Thanks >>> More

Related posts about authentication

Configuring Fed Authentication Methods in OIF / IdP

as seen on Oracle Blogs - Search for 'Oracle Blogs'
In this article, I will provide examples on how to configure OIF/IdP to map OAM Authentication Schemes to Federation Authentication Methods, based on the concepts introduced in my previous entry. I will show examples for the three protocols supported by OIF: SAML 2.0 SSO SAML… >>> More
windows authentication vs sql server authentication for asp.net forms authentication site

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a database and a site having forms authentication. It is working fine with VS2008. This time, I am using "Trusted_connection =True". But when it is opened from outside or directly from browser then I am getting error "Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'." I know this is due… >>> More
Disable authentication on subfolder(s) of an ASP.NET app using windows authentication

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, Is it possible to disable windows authentication on one or more subfolders of an ASP.net application using windows authentication? >>> More
AutoCompleteExtender - authentication failure (forms authentication)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm using the AutoCompleteExtender from the AJAX control toolkit on my aspx page - I have it wired up to a WCF service that is returning a string array and everything works happily. If I change my service definition to include a demand for the caller to be authenticated, like so: <OperationContract()… >>> More
Ruby on Rails , functionalities having twitter authentication and email authentication (autlogic and

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Experts, I would like to ask your guidance on how to authenticate using email add/ the basic log-in while having also a twitter log-in, twitter authentication works fine but if having an alternative log-in like using basic sign-up and email log-in part wont work.... any ideas please...? >>> More