Bugzilla – Bug 745
Receiving error: "sudo: policy plugin failed session initialization" on AIX LDAP enabled server
Last modified: 2016-06-18 05:57:03 MDT
After the successful compile of sudo 1.8.16 on AIX 61 TL9 and AIX 71 TL4 - LDAP enabled server (non-ldap server did not have the same problem), sudo commands (except sudo -l and sudo -V) throws an error "sudo: policy plugin failed session initialization" Is this due to the potential problem when a user or group of the same name exists in multiple auth registries (local and LDAP)? I tried the fix under Bug 744 (Defaults !pam_session in sudoers) and sudo works fine, but is this the right workaround? Is there anything else I should do? Please let me know - Thank you.
This means that the PAM session was not established for some reason. Can you try the current sudo 1.8.17 beta? It has a change that ignores generic PAM session errors. https://www.sudo.ws/dist/beta/sudo-1.8.17b4.tar.gz
I tried the 1.8.17 beta and sudo compiled/worked fine on ldap server (both aix61 & 71) w/o adding the entry in sudoers. I will wait for the stable version 1.8.17 to roll our -- thank you!
Thanks for testing, I'll close out this bug when 1.8.17 is released.
Fixed in sudo 1.8.17 which is now available.