How do you setup the sudo command so that it will insult the user if they enter the wrong password? I know it sounds kind of random, but I found that it was an option while looking up something else. I tried adding “Defaults insults” using visudo, and commenting out “Defaults targetpw” and “ALL ALL=(ALL) ALL”, and adding my username as “blank888 ALL=(ALL) ALL” but I still can’t get it to work right. Anyone have any ideas?
On Mon, 13 Jun 2011 17:36:02 +0000, blank888 wrote:
> How do you setup the sudo command so that it will insult the user if
> they enter the wrong password? I know it sounds kind of random, but I
> found that it was an option while looking up something else. I tried
> adding “Defaults insults” using visudo, and commenting out “Defaults
> targetpw” and “ALL ALL=(ALL) ALL”, and adding my username as “blank888
> ALL=(ALL) ALL” but I still can’t get it to work right. Anyone have any
> ideas?
Have a look at the man page for sudoers - that explains the setting and
how to use it (and also seems to indicate that it’s on by default)
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
Yea, I see that but for some reason I still get the message about pam authentication failure, instead of an insult.
On Mon, 13 Jun 2011 18:36:07 +0000, blank888 wrote:
> Yea, I see that but for some reason I still get the message about pam
> authentication failure, instead of an insult.
What’s the specific error you get?
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Add the line: Defaults insults to the sudoers file, seems that the
visudo manpage are wrong
VampirD
Microsoft Windows is like air conditioning
Stops working when you open a window.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
iEYEARECAAYFAk32XBsACgkQJQ+0ABWtaVm6bQCePBm3CfMWAytnQjT5IOdQg/F8
JjwAoLubMNQYIsjXX8yTI3HulQzOCNM5
=dUqJ
-----END PGP SIGNATURE-----
I get
sudo: pam_authenticate: User not known to the underlying authentication module
I’m running LDAP client on this machine, but the local accounts still work. Is LDAP messing it up somehow?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Add the line: Defaults insults to the sudoers file, seems that the
visudo manpage are wrong
VampirD
Microsoft Windows is like air conditioning
Stops working when you open a window.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with SUSE - Enigmail: A simple interface for OpenPGP email security
iEYEARECAAYFAk32XBsACgkQJQ+0ABWtaVm6bQCePBm3CfMWAytnQjT5IOdQg/F8
JjwAoLubMNQYIsjXX8yTI3HulQzOCNM5
=dUqJ
-----END PGP SIGNATURE-----
It appears that VampirD is correct. If you enter the command:
sudo -L
The output seems to indicate insults is enabled, but it is not. If I then run the command:
sudo visudo
To edit the sudoers and add the line (use Insert Key) that says:
Defaults insults
Then do :W and a :Q, the Insults are ready to fly. Give it a try…
Thank You,
I’ve already added the line “Defaults insults” using visudo and it still isn’t working.
So, the insults did not work at first for me. Then I made the following change, careful to use sudo visudo as recommended:
# unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151)
Defaults always_set_home
Defaults env_reset
Defaults insults
# Change env_reset to !env_reset in previous line to keep all environment variables
Here are the insults that I have got.
james@linux-6m6e:~> sudo dir
root's password:
You do that again and see what happens...
root's password:
You gotta go owwwww!
root's password:
So, not sure what is wrong in your case…
Thank You,
I just figured it out. I have those same defaults but it still didn’t work. I had to disable the LDAP client and then it started working.