[Freedombox-discuss] Plinth not starting after upgrading to Buster

Dieter dieter at sarina-ist-doof.de
Sun Aug 11 19:08:54 BST 2019

Hello James,

thank you for your help, that file was existing and containes the lines
you mentioned.

I found the problem earlier today.

In the postinst script of plinth i found:

# Due to a change in sudo, now it runs PAM modules even on password-less
# invocations. This leads to plinth not being able to run root
privileges. This
# is because of our own restrictions in /etc/security/access.conf. Since
# is locked out after upgrade, we need to do this in postinst.
sed -i 's+-:ALL EXCEPT root fbx (admin) (sudo):ALL+-:ALL EXCEPT root fbx
plinth (admin) (sudo):ALL+' /etc/security/access.conf

however, the sed line was not correctly executed it seems, as the lines
it probably should remove from access.conf were still there in my

I've removed these lines, now everything is working as expected.

Oh and, the sed line is supposed to remove the text, right? ;)



On 11/08/2019 17:40, James Valleroy wrote:
> On 8/10/19 12:07 PM, Dieter wrote:
>> in/plinth[2419]: Executing command - ['sudo', '-n',
>> '/usr/share/plinth/actions/service', 'reload', 'avahi-daemon']
>> 223]: pam_access(sudo:account): access denied for user `plinth' from `'
>> 223]: pam_access(sudo:account): access denied for user `plinth' from `'
>> 223]:   plinth : PAM account management error: Permission denied ;
> Could you please check that this file exists?
> $ sudo cat /etc/sudoers.d/plinth
> #
> # Allow plinth user to run plinth action scripts with superuser privileges
> # without needing a password.
> #
> plinth    ALL=(ALL:ALL) NOPASSWD:/usr/share/plinth/actions/*
> #
> # On FreedomBox, allow all users in the 'admin' LDAP group to execute
> # commands as root.
> #
> %admin ALL=(root) ALL
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/freedombox-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/freedombox-discuss/attachments/20190811/c3655e0e/attachment.html>

More information about the Freedombox-discuss mailing list