|
Bugzilla – Full Text Bug Listing |
| Summary: | Recent update containing missconfiguration | ||
|---|---|---|---|
| Product: | Sudo | Reporter: | Himanshu <himanshuiit2212> |
| Component: | Sudoers | Assignee: | Todd C. Miller <Todd.Miller> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | smu+sudo |
| Priority: | low | ||
| Version: | 1.9.8 | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Attachments: | sudoers audit plugin error | ||
This looks like a DNS problem of some kind, your host name "cyberhifi" cannot be resolved. This is not normally an error but your sudoers file probably has the "fqdn" option set (or your sudo was compiled with as a default). If you have a line like: Defaults fqdn in sudoers and remove it, the error should go away. If you don't see that line, you can try explicitly disabling the option like so: Defaults !fqdn I did as you told me but the error is still there. Can you please ellaborate it. That error can only occur when the fqdn option is enabled. The Debian sudo package enables this at build-time but you should be able to disable it in the sudoers file. I don't know why that would not be working for you. However, this problem is really being caused by a DNS problem or misconfiguration. When sudo tries to look up your host name in DNS, it gets an error that basically means "try again later". I suggest you verify that you can look up your system's hostname and try to debug the DNS problem. Following up to comment#3 I can confirm that the bug is associate with the --with-fqdn configure option. However: Binary compiled with --with-fqdn and a non-resolvable local hostname _always_ fails, irrespective of Defaults !fqdn in /etc/sudoers: root@larsa:~# sudo -u nobody bash sudo: unable to resolve host foobarxyz: Name or service not known sudo: error initializing audit plugin sudoers_audit root@larsa:~# grep -E Defaults.*fqdn /etc/sudoers Defaults fqdn root@larsa:~# vim /etc/sudoers root@larsa:~# grep -E Defaults.*fqdn /etc/sudoers Defaults !fqdn root@larsa:~# sudo -u nobody bash sudo: unable to resolve host foobarxyz: Name or service not known sudo: error initializing audit plugin sudoers_audit root@larsa:~# Meanwhile, a binary compiled without --with-fqdn never fails: root@larsa:~# sudo -u nobody bash nobody@foobarxyz:/root$ exit root@larsa:~# grep -E Defaults.*fqdn /etc/sudoers Defaults !fqdn root@larsa:~# vim /etc/sudoers root@larsa:~# sudo -u nobody bash sudo: unable to resolve host foobarxyz: Name or service not known nobody@foobarxyz:/root$ exit root@larsa:~# grep -E Defaults.*fqdn /etc/sudoers Defaults fqdn root@larsa:~# Note that in the latter case, with `Defaults fqdn`, there is the error about the unresolvable FQDN, but it is _not_ coming from the initialization of the audit plugin. So for some reason, between 1.9.5p2 and 1.9.8p2 (the versions I was able to test), with the same sudoers file, something made the audit plugin fail with non-resolvable hostnames if and only if the _compile_ time option for fqdn is set. Thanks for confirming that it is not possible to disable the fqdn option before it is used. I just committed a fix for this: https://www.sudo.ws/repos/sudo/rev/8c6eaa503793 Fixed in sudo 1.9.9 |
Created attachment 561 [details] sudoers audit plugin error I recently update my kali linuxby sudo apt-get update && apt-get upgrade) but after installing new update the sudo command is not working. I am unable to use sudo even I am not login as root user and giving error as: error initializing audit plugin sudoers_audit