Re: jessie to stretch upgrade Killed sudo.
- Date: Mon, 6 May 2019 15:54:53 +0200
- From: Martin <keine-eile@xxxxxxxxx>
- Subject: Re: jessie to stretch upgrade Killed sudo.
Am 06.05.19 um 14:29 schrieb Martin McCormick:
> After upgrading 2 older I86 systems to stretch, sudo works on one
> and fails on the other but I am writing about both. The problem
> was probably on the failing system all along but su still allowed
> a su to root under jessie but won't allow it under stretch.
> sudo: pam_open_session: Permission denied
> sudo: policy plugin failed session initialization
Ok, this where to start: Have a look at your pam config:
- Have there been any changes? Not just recently, but at any time.
- What are the modification dates in /etc/pam.d/?
- What pam modules are installed? -> dpkg -l | grep pam
If I'm not wrong, a systemd module 'libpam-systemd' was introduced with stretch. This has to be present!
> The first thing I did was classic finger-pointing. I
> de-installed sudo on the limping system and reinstalled it at
> which point the problem persisted. A look at /var/log/auth.log
> tells me something but I am not sure what.
> If you look in auth.log, it is peppered with
> May 5 13:11:32 audio3 sudo: PAM no modules loaded for `sudo' service
> This occurs both before and after the upgrade which
> succeeds before and fails after.
> The other system which totally survived the upgrade never
> shows this message so it seems that the pam service is partly
> broken on one and OK on the other. Right now, I can ssh in to
> the broken system and do anything but sudo commands. What is the
> safest way to rescue the system while still remotely attached via
> As I said, the problem may have been here for quite some
> time so the upgrade didn't cause it. It just accentuates it
> since sudo now complains.
> Thanks for all constructive ideas.
> Martin McCormick WB5AGZ