OpenVZ Forum


Home » General » Support » SUDO inside VPS don't work
SUDO inside VPS don't work [message #28831] Sat, 29 March 2008 17:22 Go to next message
salmi is currently offline  salmi
Messages: 4
Registered: March 2008
Junior Member
Hi all!

Have template fedora-8-i386-minimal.tar.gz

inside vps make command:

[root@mars /]# sudo -u ftp ls /
sudo: Error dropping capabilities, aborting
: Operation not permitted

tail /var/log/secure
sudo: root : TTY=pts/1 ; PWD=/ ; USER=ftp ; COMMAND=/bin/ls /

Please help!

attach strace log
  • Attachment: strace.log
    (Size: 105.90KB, Downloaded 641 times)
Re: SUDO inside VPS don't work [message #28833 is a reply to message #28831] Sat, 29 March 2008 20:20 Go to previous messageGo to next message
kir is currently offline  kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia
Senior Member

What kernel do you use?

Kir Kolyshkin
http://static.openvz.org/userbars/openvz-developer.png
Re: SUDO inside VPS don't work [message #28836 is a reply to message #28833] Sat, 29 March 2008 20:38 Go to previous messageGo to next message
salmi is currently offline  salmi
Messages: 4
Registered: March 2008
Junior Member
2.6.18-ovz028stab053.4-enterprise
Re: SUDO inside VPS don't work [message #28840 is a reply to message #28836] Sun, 30 March 2008 06:46 Go to previous messageGo to next message
salmi is currently offline  salmi
Messages: 4
Registered: March 2008
Junior Member
On host machine this commamd look like:

[root@host /]# sudo -u ftp ls /
audit_log_user_command(): Connection refused
bin dev home lib media mnt opt root selinux sys usr vz
boot etc lost+found misc net proc sbin srv tmp var
Re: SUDO inside VPS don't work [message #35372 is a reply to message #28831] Fri, 20 March 2009 00:43 Go to previous messageGo to next message
boulderdrop is currently offline  boulderdrop
Messages: 1
Registered: March 2009
Junior Member
Did you ever find a resolution to this problem?

I'm getting the same error with *any* "sudo" command for things like:
/bin/ls
/usr/bin/whoami

sudo -u MYUSERNAME /usr/bin/whoami
sudo: Error dropping capabilities, aborting
: Operation not permitted

/var/log/secure
Mar 19 17:42:02 MYHOSTNAME sudo: MYUSER : TTY=ttyp0 ; PWD=/home/MYUSER ; USER=MYUSER ; COMMAND=/usr/bin/whoami
Re: SUDO inside VPS don't work [message #35373 is a reply to message #35372] Fri, 20 March 2009 07:16 Go to previous messageGo to next message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hello,

could you please try the lates RHEL5 based kernel
http://download.openvz.org/kernel/branches/rhel5-2.6.18/curr ent/
Re: SUDO inside VPS don't work [message #35478 is a reply to message #35373] Fri, 27 March 2009 16:41 Go to previous message
zoom is currently offline  zoom
Messages: 19
Registered: March 2006
Location: Regina, Saskatchewan Cana...
Junior Member
maratus,

I have the latest RHEL5 Kernel supporting OpenVZ (2.6.18-92.1.18.el5.028stab060.2) and even at the host level I get this message "audit_log_user_command(): Connection refused". It seems the only way to remove the audit message is to compile the audit option into the kernel. Apparently, both RedHat and Fedora have this option enabled in the kernel. I'm assuming that if you enable this option in the OpenVZ kernel the problem will be solved.

For now I just live with the annoying message "audit_log_user_command(): Connection refused"

[Updated on: Fri, 27 March 2009 16:44]

Report message to a moderator

Previous Topic: FATAL: Could not load /lib/modules/2.6.24-23-openvz/modules.dep: No such file or directory
Next Topic: sshd: [accepted] and other attacks
Goto Forum:
  


Current Time: Tue Feb 27 13:26:56 GMT 2024

Total time taken to generate the page: 0.02617 seconds