gpt4 book ai didi

rhel - pam_open_session : System error and sudo: policy plugin failed session initialization with no pass expiary in etc/pam. d/密码验证

转载 作者:行者123 更新时间:2023-12-05 02:14:04 24 4
gpt4 key购买 nike

我正在为 REHL 7 中的一个错误而苦苦挣扎。我有一个 REHL Image 女巫只能通过 SSH key 访问而无需用户/密码凭据。

为了防止密码在 90 天后更新(这对于 SSH key 是不可能的),我在我的 etc/pam.d/password-auth 中添加了 no_pass_expiry

但是当我尝试 sudo 时收到以下错误

pam.d]$ sudo su -
sudo: pam_open_session: System error
sudo: policy plugin failed session initialization

这只会在 90 天后发生。

最佳答案

您的密码可能已过期。例如...这是一个过期用户的 sudo:

[user@server ~]$ sudo whoami
sudo: pam_open_session: System error
sudo: policy plugin failed session initialization
[user@server ~]$

[user@server ~]$ chage -l user
Last password change : May 07, 2018
Password expires : Aug 05, 2018
Password inactive : never
Account expires : never
Minimum number of days between password change : 1
Maximum number of days between password change : 90
Number of days of warning before password expires : 10

现在,如图所示,重置过期标志后,sudo 按预期工作:


[root@server]# chage -m 0 -M 99999 -I -1 -E -1 user
[root@server]# chage -l user
Last password change : May 07, 2018
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 10

[user@server ~]$ sudo whoami
root

您可以在 /var/log/secure 上通过检查与下面列出的类似消息来确认这一点:

Feb 27 16:59:14 server sudo: pam_unix(sudo:account): expired password for user user (password aged)
Feb 27 16:59:14 server sudo: user : TTY=pts/0 ; PWD=/home/user ; USER=anotheruser ; COMMAND=/usr/bin/whoami

关于rhel - pam_open_session : System error and sudo: policy plugin failed session initialization with no pass expiary in etc/pam. d/密码验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/54345009/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com