I still use FC4 quite a bit, but was surprised that sudo appears to be broken. It doesn’t work.
Even after adding user entries to /etc/sudoers, sudo will authenticate, showing the password, but won’t execute the command. For instance, sudo bash drops me back at the unprivileged shell.
The “problem” is actually PAM. The Pluggable Authentication Module.
If you hop over to the /etc/pam.d directory, you’ll discover that you need a sudo file. If one does not exist, then PAM will use other; and doing a cat on that file shows the default policy is to deny.
The quick solution is to simply something that works, such as the sshd file:
# cp sshd sudo
Or, at a minimum for Fedora Core 4, you can use this content:
/etc/pam.d$ cat sudo
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_limits.so
Note, though that for Fedora Core 5, things change a little:
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth
session required pam_limits.so
Make sure you set the perissions and ownerships correctly:
# chown root sudo
# chgrp root sudo
# chmod 644 sudo
$ ls -l sudo
-rw-r--r-- 1 root root 203 Jul 5 2006 sudo
Please note that there is a yum distribution. You can add sudo to your system with:
# yum install sudo
Watch for warning messages. /etc/pam.d/sudo might need to be replaced with /etc/pam.d/sudo.newrpm, and /etc/sudoers might need to be replaced with /etc/sudoers.newrpm. This is simply yum not wanting to step on any existing files. Yum is the preferred way of installing sudo with FC4 and FC5.