When user smithj attempts to execute sudo commands on CentOS 6, the system behaves unexpectedly:
$ sudo adduser jonesjp
Sorry, try again.
Sorry, try again.
Sorry, try again.
sudo: 3 incorrect password attempts
Notably absent is the password prompt that should appear before these rejection messages. The user is properly configured in /etc/sudoers:
root ALL=(ALL) ALL
smithj ALL=(ALL) ALL
Several system components could be responsible for this behavior:
- PAM Configuration: The Pluggable Authentication Modules stack handles sudo authentication
- Terminal Settings: PTY allocation issues with remote sessions
- Sudoers Configuration: Potential NOPASSWD directives or syntax errors
- System Logs: Authentication attempts might reveal more details
First, check relevant system logs:
# tail -f /var/log/secure
# journalctl -xe    # newer, systemd-based systems only
Inspect the PAM configuration for sudo:
# cat /etc/pam.d/sudo
# Check for any unusual modules or broken dependencies
Based on similar cases, here's the most effective resolution sequence:
# Verify sudo binary integrity
rpm -V sudo
# Reinstall PAM modules (CentOS 6 specific); quote the glob so the shell does not expand it
yum reinstall 'pam*'
# Check terminal permissions
ls -l /dev/pts/
# Test with local console session
su - smithj
sudo -l
If PAM configuration is corrupted, restore the default:
# Backup current config
cp /etc/pam.d/sudo /etc/pam.d/sudo.bak
# Apply known working configuration
cat > /etc/pam.d/sudo << 'EOF'
auth include system-auth
account include system-auth
password include system-auth
session optional pam_keyinit.so revoke
session required pam_limits.so
EOF
After making changes, verify the fix:
# As the affected user
sudo -k # Clear any cached credentials
sudo -l # Should now prompt properly
If issues persist, consider these advanced checks:
# Check SELinux context
ls -Z /usr/bin/sudo
# Verify tty allocation
stty -a
Remember that CentOS 6 reached EOL in November 2020, so upgrading should be considered for security reasons.
When smithj attempts to execute sudo adduser jonesjp on a CentOS 6 system, something unusual happens:
$ sudo adduser jonesjp
Sorry, try again.
Sorry, try again.
Sorry, try again.
sudo: 3 incorrect password attempts
Notice two critical anomalies:
- No password prompt appears before the error messages
- The system immediately fails with 3 attempts counted
First, verify the sudoers configuration is actually being loaded:
# Verify sudoers syntax (run as root, since smithj cannot authenticate to sudo)
# visudo -c
/etc/sudoers: parsed OK
# Check effective privileges for the affected user (as root)
# sudo -l -U smithj
The reported /etc/sudoers content shows proper configuration:
root ALL=(ALL) ALL
smithj ALL=(ALL) ALL
The most likely culprit is PAM (Pluggable Authentication Modules) configuration. Check these files:
# Examine PAM stack for sudo
$ cat /etc/pam.d/sudo
# Common problematic patterns to look for:
auth sufficient pam_permit.so
auth required pam_deny.so
Here's what a healthy PAM configuration should resemble:
auth include system-auth
account include system-auth
session include system-auth
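One way to automate the check for the patterns listed above, as an added example that is not part of the original page: a shell function (the name audit_pam_auth and the sample file are constructed here) that walks the auth entries of a PAM service file and reports pam_permit.so, or a pam_deny.so that nothing earlier in the stack can bypass.

```shell
#!/bin/sh
# Added example, not from the original page. Heuristic audit of the auth
# stack in a PAM service file such as /etc/pam.d/sudo.
# audit_pam_auth FILE: prints one finding per line, returns 1 if any.
audit_pam_auth() {
    awk '
        /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
        { type = $1; sub(/^-/, "", type) }           # "-auth" is still an auth entry
        type != "auth" { next }
        {
            n++; mod = ""
            for (i = 3; i <= NF; i++)                # module = first field ending in .so
                if ($i ~ /\.so$/) { mod = $i; break }
            sub(/.*\//, "", mod)                     # drop a leading directory, if any
        }
        mod == "pam_permit.so" {
            print "line " NR ": pam_permit.so in auth succeeds without checking a password"
            bad++
        }
        mod == "pam_deny.so" && $2 ~ /^(required|requisite)$/ && !can_pass {
            print "line " NR ": pam_deny.so is always reached, so every attempt fails"
            bad++
        }
        # An include, substack or "sufficient" entry can end the stack with
        # success before a later pam_deny.so runs ([...] controls are ignored).
        $2 ~ /^(include|substack|sufficient)$/ && mod != "pam_deny.so" { can_pass = 1 }
        END {
            if (!n) { print "no auth entries found"; bad++ }
            exit (bad ? 1 : 0)
        }
    ' "$1"
}

# Constructed sample: pam_deny.so placed ahead of the normal include.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#%PAM-1.0
auth       required     pam_deny.so
auth       include      system-auth
account    include      system-auth
EOF
audit_pam_auth "$sample" || echo "auth stack needs review"
rm -f "$sample"
```

On a real host, run it against /etc/pam.d/sudo and again against /etc/pam.d/system-auth, since the include line pulls that stack in.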
Since the user connects via PuTTY, TTY allocation might be involved. Test with:
# Force pseudo-tty allocation
$ ssh -tt user@host sudo whoami
# Check TTY settings
$ stty -a
Certain environment variables can interfere with sudo's operation:
# Check for problematic variables
$ env | grep -i 'sudo\|tty\|term'
# Test with clean environment
$ env -i sudo -k whoami
Enable sudo debugging to gather more information:
# Temporary debug mode (sudo 1.8.0 to 1.8.3 only; -D takes a level from 1 to 9)
$ sudo -D 9 adduser jonesjp
# Permanent debugging (sudo 1.8.4 and later; add to /etc/sudo.conf)
Debug sudo /var/log/sudo_debug all@debug
For legacy systems, sometimes the solution involves:
# Reinstall PAM and sudo packages
$ yum reinstall pam sudo
# Restore the default SELinux context on the PAM configuration files
$ restorecon -v /etc/pam.d/*