Description

When BoKS is active on Debian and Ubuntu systems, attempts to execute the sudo command fail with the following error message:

Sorry, try again.
Sorry, try again.
Sorry, try again.
sudo: 3 incorrect password attempts

This is caused because BoKS activation puts an incorrect version of the file /etc/pam.d/sudo into place.

This problem is present in the following versions of BoKS:

BoKS Server Agent for UNIX/Linux version OS version and platform
7.0 Debian 7 x86_64
7.0 Debian 8 x86_64
7.0 SuSE 12 x86_64
7.0 Ubuntu 12 x86_64
7.0 Ubuntu 14 x86_64
6.7.1 Debian 7 x86
6.7.1 Ubuntu 12 x86_64
6.7.0 Debian 7 x86
6.7.0 Ubuntu 12 x86_64



Resolution / Workaround

1. Remove the file ${BOKS_etc}/pam.d/sudo and the file ${BOKS_etc}/pam.d.tmpl/sudo. Please note that the first file will only exist after BoKS has been activated for the first time.

2. Edit the file ${BOKS_etc}/sysreplace.conf..boks

Change the line beginning with file pamdir to remove sudo. Example:

From this:

file pamdir relinkdir,copyfiles,softlinkfiles /etc/pam.d $BOKS_etc/pam.d ftp lightdm lightdm-autologin login passwd rexec rlogin rsh su vsftpd chpasswd chfn chsh newusers sudo

To this:

file pamdir relinkdir,copyfiles,softlinkfiles /etc/pam.d $BOKS_etc/pam.d ftp lightdm lightdm-autologin login passwd rexec rlogin rsh su vsftpd chpasswd chfn chsh newusers

3. Run

${BOKS_lib}/sysreplace replace

This should restore original functionality to sudo.

Note:

FoxT recommends that you use ${BOKS_bin}/suexec instead of sudo, since sudo is not under the control of BoKS.


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: May 25, 2018