Hi There,
I have added an additional group to our sudoers file to allow sudo elevation, the syntax is:
%group2 ALL=(ALL) ALL. They can log in initially but when they try to sudo they receive the message:
sudo: account validation failure, is your account locked. I added a new line in the system-auth file in addition to the line I have for our admin accounts in the form:
account [default=bad success=ignore] pam_succeed_if.so user ingroup group2 quiet
This does not work and has the additional effect of giving me the same error message when I try to sudo so I have to remove the line.
I am not sure what else to change to allow this to work.
sudo: account validation failure is your account locked
Resolved sudo: account validation failure is your account lo
I changed the default=bad in the line above the last entry to ignore and it now works.