Results 1 to 10 of 10

Thread: sudo insults

  1. #1

    Default sudo insults

    How do you setup the sudo command so that it will insult the user if they enter the wrong password? I know it sounds kind of random, but I found that it was an option while looking up something else. I tried adding "Defaults insults" using visudo, and commenting out "Defaults targetpw" and "ALL ALL=(ALL) ALL", and adding my username as "blank888 ALL=(ALL) ALL" but I still can't get it to work right. Anyone have any ideas?

  2. #2
    Join Date
    Jul 2008
    Location
    Seattle, WA
    Posts
    17,079

    Default Re: sudo insults

    On Mon, 13 Jun 2011 17:36:02 +0000, blank888 wrote:

    > How do you setup the sudo command so that it will insult the user if
    > they enter the wrong password? I know it sounds kind of random, but I
    > found that it was an option while looking up something else. I tried
    > adding "Defaults insults" using visudo, and commenting out "Defaults
    > targetpw" and "ALL ALL=(ALL) ALL", and adding my username as "blank888
    > ALL=(ALL) ALL" but I still can't get it to work right. Anyone have any
    > ideas?


    Have a look at the man page for sudoers - that explains the setting and
    how to use it (and also seems to indicate that it's on by default)

    Jim



    --
    Jim Henderson
    openSUSE Forums Administrator
    Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

  3. #3

    Default Re: sudo insults

    Yea, I see that but for some reason I still get the message about pam authentication failure, instead of an insult.

  4. #4
    Join Date
    Jul 2008
    Location
    Seattle, WA
    Posts
    17,079

    Default Re: sudo insults

    On Mon, 13 Jun 2011 18:36:07 +0000, blank888 wrote:

    > Yea, I see that but for some reason I still get the message about pam
    > authentication failure, instead of an insult.


    What's the specific error you get?

    Jim



    --
    Jim Henderson
    openSUSE Forums Administrator
    Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

  5. #5
    Join Date
    Nov 2009
    Location
    Uruguay
    Posts
    737

    Default Re: sudo insults

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Add the line: Defaults insults to the sudoers file, seems that the
    visudo manpage are wrong

    - --
    VampirD

    Microsoft Windows is like air conditioning
    Stops working when you open a window.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.15 (GNU/Linux)
    Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

    iEYEARECAAYFAk32XBsACgkQJQ+0ABWtaVm6bQCePBm3CfMWAytnQjT5IOdQg/F8
    JjwAoLubMNQYIsjXX8yTI3HulQzOCNM5
    =dUqJ
    -----END PGP SIGNATURE-----

  6. #6

    Default Re: sudo insults

    I get
    sudo: pam_authenticate: User not known to the underlying authentication module

    I'm running LDAP client on this machine, but the local accounts still work. Is LDAP messing it up somehow?

  7. #7
    Join Date
    Mar 2010
    Location
    Austin - Texas
    Posts
    10,140
    Blog Entries
    48

    Smile Re: sudo insults

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Add the line: Defaults insults to the sudoers file, seems that the
    visudo manpage are wrong

    - --
    VampirD

    Microsoft Windows is like air conditioning
    Stops working when you open a window.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.15 (GNU/Linux)
    Comment: Using GnuPG with SUSE - Enigmail: A simple interface for OpenPGP email security

    iEYEARECAAYFAk32XBsACgkQJQ+0ABWtaVm6bQCePBm3CfMWAytnQjT5IOdQg/F8
    JjwAoLubMNQYIsjXX8yTI3HulQzOCNM5
    =dUqJ
    -----END PGP SIGNATURE-----
    It appears that VampirD is correct. If you enter the command:

    Code:
    sudo -L
    The output seems to indicate insults is enabled, but it is not. If I then run the command:

    Code:
    sudo visudo
    To edit the sudoers and add the line (use Insert Key) that says:

    Code:
    Defaults insults
    Then do :W and a :Q, the Insults are ready to fly. Give it a try....

    Thank You,
    My Blog: https://forums.opensuse.org/blogs/jdmcdaniel3/

    Software efficiency halves every 18 months, thus compensating for Moore's Law

    Its James again from Austin, Texas

  8. #8

    Default Re: sudo insults

    Quote Originally Posted by jdmcdaniel3 View Post
    It appears that VampirD is correct. If you enter the command:

    Code:
    sudo -L
    The output seems to indicate insults is enabled, but it is not. If I then run the command:

    Code:
    sudo visudo
    To edit the sudoers and add the line (use Insert Key) that says:

    Code:
    Defaults insults
    Then do :W and a :Q, the Insults are ready to fly. Give it a try....

    Thank You,
    I've already added the line "Defaults insults" using visudo and it still isn't working.

  9. #9
    Join Date
    Mar 2010
    Location
    Austin - Texas
    Posts
    10,140
    Blog Entries
    48

    Smile Re: sudo insults

    So, the insults did not work at first for me. Then I made the following change, careful to use sudo visudo as recommended:

    Code:
    # unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151)
    Defaults always_set_home
    Defaults env_reset
    Defaults insults
    # Change env_reset to !env_reset in previous line to keep all environment variables
    Here are the insults that I have got.

    Code:
    james@linux-6m6e:~> sudo dir
    root's password:
    You do that again and see what happens...
    root's password:
    You gotta go owwwww!
    root's password:
    So, not sure what is wrong in your case...

    Thank You,
    My Blog: https://forums.opensuse.org/blogs/jdmcdaniel3/

    Software efficiency halves every 18 months, thus compensating for Moore's Law

    Its James again from Austin, Texas

  10. #10

    Default Re: sudo insults

    Quote Originally Posted by jdmcdaniel3 View Post
    So, the insults did not work at first for me. Then I made the following change, careful to use sudo visudo as recommended:

    Code:
    # unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151)
    Defaults always_set_home
    Defaults env_reset
    Defaults insults
    # Change env_reset to !env_reset in previous line to keep all environment variables
    Here are the insults that I have got.

    Code:
    james@linux-6m6e:~> sudo dir
    root's password:
    You do that again and see what happens...
    root's password:
    You gotta go owwwww!
    root's password:
    So, not sure what is wrong in your case...

    Thank You,
    I just figured it out. I have those same defaults but it still didn't work. I had to disable the LDAP client and then it started working.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •