Re: 'sudo' built w/pam option sometimes fails on i386 netbsd-9 and -current

To: John Nemeth <jnemeth%cue.bc.ca@localhost>
Subject: Re: 'sudo' built w/pam option sometimes fails on i386 netbsd-9 and -current
From: "John D. Baker" <jdbaker%consolidated.net@localhost>
Date: Mon, 4 Nov 2019 18:14:04 -0600 (CST)

On Mon, 4 Nov 2019, John D. Baker wrote:

> On Mon, 4 Nov 2019, John Nemeth wrote:
> 
> > On Nov 4,  8:37am, "John D. Baker" wrote:
> > }
> > } [...]
> > } ===> Replacing for libkate-0.4.1nb16
> > } => Becoming ``root'' to make su-replace (sudo)
> > } sudo: unable to initialize PAM: Operation not permitted
> > } *** Error code 1
> > 
> >      Anything in /var/log/authlog about it?
> 
> The only thing besides the exact same message above is the usual syslog
> annotations (timestamp, etc.) and the command (w/environment) that was
> to be run.

Actually, that's not quite the case.  There's an extra field, probably
just reporting the username that is trying to use 'sudo':

[...]
Nov  4 08:31:37 hostname sudo:    user : unable to initialize PAM: Operation not permitted ; TTY=pts/0 ; PWD=/x/pkgsrc/multimedia/libkate ; USER=root ; COMMAND=/bin/sh -c cd /x/pkgsrc/multimedia/libkate &&                                      /usr/bin/env MAKECONF=/etc/mk.conf PATH=/d0/build/pkgsrc/multimedia/libkate/work/.cwrapper/bin:/d0/build/pkgsrc/multimedia/libkate/work/.buildlink/bin:/d0/build/pkgsrc/multimedia/libkate/work/.gcc/bin:/d0/build/pkgsrc/multimedia/libkate/work/.tools/bin:/usr/pkg/bin:/usr/bin:/bin:/usr/pkg/bin:/usr/local/bin:/usr/X11R7/bin:/usr/sbin:/sbin:/usr/pkg/sbin:/usr/local/sbin:/usr/games:/var/home/sysop/bin                                 PATH=/usr/bin:/bin:/usr/pkg/bin:/usr/local/bin:/usr/X11R7/bin:/usr/sbin:/sbin:/usr/pkg/sbin:/usr/local/sbin:/usr/games:/var/home/sysop/bin:/sbin:/usr/sbin      /usr/bin/make  .MAKE.LEVEL.ENV=MAKELEVEL HOST_OSTYPE=NetBSD-9.99.17-i386 IN_PKG_ROLLING_REPLACE=1 _SRC_TOP_= LOWER_OPSYS=netbsd _PKGSRC_BARRIER=yes             PKG_DEBUG_LEVEL=0               USE_CROSS_COMPILE=NO    su-replace

In my "sudoers" file, I authorize all "wheel" group members and the
user in question is a member of "wheel".

Never used to see this issue anywhere, even while building packages on
8.99.*.  Seems to have cropped up when netbsd-9 was branched (or possibly
after some key pull-up from HEAD) and I only see it on i386.  I also
build routinely on amd64 (-9, -current), sparc (-9, current), and
evbearmv7hf-el (-9) and have not had this happen on any of those platforms.

-- 
|/"\ John D. Baker, KN5UKS               NetBSD     Darwin/MacOS X
|\ / jdbaker[snail]consolidated[flyspeck]net  OpenBSD            FreeBSD
| X  No HTML/proprietary data in email.   BSD just sits there and works!
|/ \ GPGkeyID:  D703 4A7E 479F 63F8 D3F4  BD99 9572 8F23 E4AD 1645

References:
- Re: 'sudo' built w/pam option sometimes fails on i386 netbsd-9 and -current
  - From: John Nemeth
- Re: 'sudo' built w/pam option sometimes fails on i386 netbsd-9 and -current
  - From: John D. Baker

Prev by Date: Re: 'sudo' built w/pam option sometimes fails on i386 netbsd-9 and -current
Next by Date: Re: golang for NetBSD-9.0_BETA-aarch64
Previous by Thread: Re: 'sudo' built w/pam option sometimes fails on i386 netbsd-9 and -current
Next by Thread: rust & clang
Indexes:

Home | Main Index | Thread Index | Old Index