[Bug 1766325] Re: sudo: pam_unix(sudo:auth): conversation failed

Fri Sep 7 16:44:12 UTC 2018

I have the same issue.
Both after adding a new user or doing a password change to a current user I have the same problem.

I cannot do a clean install because my server service provider had an
older distribution for installation only, not 18.04

Luckily I have multiple user accounts with sudo access from 17.10,
however this is a really annoying bug and a security problem for myself
personally, as I am afraid that if I change my passwords something bad
might happen.

Does Ubuntu do bounty for bugs? I would definitely pay/contribute to
have this fixed?

I will continue looking for now.

I have changed my password multiple times and made it as short as
possible to make sure the character input was correct.

I am willing to ugrade again if that will fix things.

Does this have something to do with my /etc/shadow and possibly the hash
salt changing?

Error log:

Sep  7 15:37:31 localhost sudo: pam_unix(sudo:auth): authentication failure; logname=user1 uid=1003 euid=0 tty=/dev/pts/1 ruser=user1 rhost=  user=user1
Sep  7 15:40:41 localhost sudo: pam_unix(sudo:auth): auth could not identify password for [user1]
Sep  7 15:40:41 localhost sudo: user1 : 1 incorrect password attempt ; TTY=pts/1 ; PWD=/home/user1 ; USER=root ; COMMAND=/usr/bin/test

sudoers:

#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1766325

Title:
  sudo: pam_unix(sudo:auth): conversation failed

Status in pam package in Ubuntu:
  Confirmed
Status in sudo package in Ubuntu:
  Confirmed

Bug description:
  Hello.

  I experience a bug after upgrading from Ubuntu 17.10 to 18.04.

  The bug seems to be a regression because what I am trying to do was
  working with Ubuntu 17.10 and stopped working after the upgrade.

  Here is the problem:

  I have 2 users on my system. One is the user that is created during
  installation, named zzz. The other user I added later, named abc. Both
  users have passwords set. According to passwd the password for user
  abc is a locked password (L) (whatever that means).

  Now I am logged into user zzz and want to execute a program as user
  abc without entering the password of user abc.

  Until Ubuntu 17.10 this was done like this: "sudo -i -u abc /usr/bin/java -version".
  To get that working I had to add this via visudo: "zzz ALL=(abc) NOPASSWD: /usr/bin/java"

  Now this seems to be ignored. Instead the terminal is asking for the
  password of user abc. I see this in /var/log/auth.log: "sudo:
  pam_unix(sudo:auth): conversation failed".

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1766325/+subscriptions