From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Sat, 5 Feb 2005 18:18:20 +0000 (+0000)
Subject: Help for PAM when account section is missing
X-Git-Tag: SUDO_1_7_0~727
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b2f7e61ff37e9c169120e3bc8f8f3a47d46fbf15;p=sudo

Help for PAM when account section is missing
---

diff --git a/TROUBLESHOOTING b/TROUBLESHOOTING
index d5d6b86aa..3e7e40aae 100644
--- a/TROUBLESHOOTING
+++ b/TROUBLESHOOTING
@@ -18,9 +18,19 @@ A) Sudo must be setuid root to do its work.  You need to do something like
    to have '.' in your path you should make sure it is at the end.
 
 Q) Sudo never gives me a chance to enter a password using PAM, it just
-   says 'Sorry, try again.' three times and quits.
-A) You didn't setup PAM to work with sudo.  On Linux this generally
-   means installing sample.pam as /etc/pam.d/sudo.
+   says 'Sorry, try again.' three times and exits.
+A) You didn't setup PAM to work with sudo.  On Redhat Linux or Fedora
+   Core this generally means installing sample.pam as /etc/pam.d/sudo.
+   See the sample.pam file for hints on what to use for other Linux
+   systems.
+
+Q) Sudo says 'Account expired or PAM config lacks an "account"
+   section for sudo, contact your system administrator' and exits
+   but I know my account has not expired.
+A) Your PAM config lacks an "account" specification.  On Linux this
+   usually means you are missing a line like:
+	account    required    pam_unix.so
+   in /etc/pam.d/sudo.
 
 Q) Sudo is setup to log via syslog(3) but I'm not getting any log
    messages.