summaryrefslogtreecommitdiff
path: root/TROUBLESHOOTING
blob: 3eb45d0e5f9be7e264a44734b0e0258ff56f6449 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

FAQ and troubleshooting tips for CU sudo
========================================

Q) Sudo compiles but when I run it I get "Sorry, sudo must be setuid root."
   and sudo quits.
A) Sudo must be setuid root to do its work.  You need to do something like
   `chmod 4111 /usr/local/bin/sudo'.  Also, the filesystem sudo resides
   on must *not* be mounted with the nosuid mount option or sudo will
   not be able to work.

Q) Sudo is setup to log via syslog(3) but I'm not getting any log
   messages.
A) Make sure you have an entry in your syslog.conf file to save
   the sudo messages.  The default log facility is local2
   (configurable in options.h) so you would want something like:
	local2.debug				/var/adm/sudo.log
   or
	local2.debug				@loghost
    depending whether you want to forward the messages to another
    host or keep them locally.

Q) When sudo asks me for my password it never accepts what I enter even
   though I know I entered my password correctly.
A) Try running configure with the --with-getpass option.  After this
   when you build sudo it will use the system's getpass() routine instead
   of sudo's own version.  If that doesn't work, and your OS uses shadow
   passwords, re-run configure and add the --with-C2 option.  Configure
   tries to guess whether or not you are using shadow passwords but
   it is not bulletproof.
   (see the INSTALL doc for a list of OS's that sudo knows how to get
   shadow password info for).

Q) Sudo says that it cannot read the sudoers file even though the
   path it says is correct.
A) If the sudoers file lives on an NFS-mounted partition that partition
   needs to be exported as root to the host in question unless you
   have set SUDOERS_OWNER to something other than root.  An easy test
   is to see if "cat /path/to/sudoers" works as root.  If not, then
   you have the aforementioned problem.  See the entry for SUDOERS_OWNER
   in the OPTIONS file.

Q) Can I put the sudoers file in NIS/NIS+ or do I have to have a
   copy on each machine?
A) There is no support for making an NIS/NIS+ map/table out of
   the sudoers file at this time.  A good way to distribute the
   sudoers file is via rdist(1).  It is also possible to
   NFS-mount the sudoers file.  However, please read the previous
   TROUBLESHOOTING entry for info on this.

Q) I don't run sendmail on my machine.  Does this mean that I cannot
   use sudo?
A) No, you just need to comment out the MAILER #define in options.h.

Q) When I run visudo it uses vi as the editor and I hate vi.  How
   can I make it use another editor?
A) Your best bet is to enable the ENV_EDITOR option in options.h.
   This will make visudo use the editor specified by the user's
   EDITOR environmental variable.  Alternately, you can change the
   default editor by setting the EDITOR macro in options.h to
   the editor of your choice.

Q) Sudo appears to be removing some variables from my environment, why?
A) Sudo removes the following "dangerous" environmental variables
   to guard against shared library spoofing, shell voodoo, and
   kerberos server spoofing.
     IFS
     LD_*
     _RLD_*
     SHLIB_PATH (HP-UX only)
     LIB_PATH (AIX only)
     KRB_CONF (kerberos only)

Q) I can't get the s/key support to work, whatever I do sudo won't
   accept my key.  I had to run configure with --with-getpass,
   could that have something to do with it?
A) Yes, the s/key support requires that you use tgetpass() since
   most system getpass()'s only grab eight characters or so
   and s/key needs much mroe than that.  It should be possible
   to get tgetpass() to work, send mail to sudo-bugs@cs.colorado.edu
   if you need help.

Q) I overwrote the distributed lex.yy.c with a lex-generated one and
   now sudo does not work.
A) The simplest thing to do is "rm -f lex.yy.c ; ln sudo-lex.yy.c lex.yy.c"
   which will set you back up with a pre-flexed lex.yy.c.
   If you want to hack on the lexer you should get a copy of flex
   from ftp.ee.lbl.gov

Q) My C compiler complains about:
	"./options.h", line xx "/*" detected in comment
   Should I be worried?
A) No, this is due to the way options are commented out in options.h.
   Some ANSI compilers are just a bit too protective.
   If anyone have a better way to that is just as easy to uncomment
   and that doesn't produce a similar warning, please let me know.
View Lorry Controller Status