I recently had to move an Ubuntu server to a new network. After I hooked it up again, I find I can no longer sudo, even though I was able to previously.
Does this mean a network problem is interfering with sudo (perhaps via PAM or something?) I don't really know the ins and outs of linux security.
Thx! Tom
Are there hostname-based restrictions on the commands in your sudoers?
The user specifications say which users, on which machines, can invoke which commands (as which target user). Often, the machine restriction is given as
ALL, but perhaps it isn't in your setup?The only way moving a machine to a new network can change your auth setup is if your auth setup depends on authorizing via the network somehow, like via LDAP or something. Your PAM config would indeed be involed in this, so you should look there at least to start figuring out what needs fixing.
Turns out the reason was really stupid: a CIFS share couldn't be located on the new network, causing the mount.cifs utility to repeatedly log to the console and screw up all keyboard input. This meant that in reality I couldn't even log in let alone sudo.
Once I removed the CIFS share from /etc/fstab, everything worked just fine, including sudo.
Thanks to all for their input. :)