Confined users to sysadm_u or staff_u cannot sudo when RSA authentication is enabled ("pam_securid.so" in PAM stack)

Solution Verified - Updated -

Issue

  • Trying to sudo from a confined user, sudo fails with the following error message

    $ sudo -i
sudo: 1 incorrect password attempt
$

  • The journal shows the following error message

    [...] sudo: PAM unable to dlopen(/usr/lib64/security/pam_securid.so): /var/ace/lib/64bit/libpamrest.so: cannot open shared object file: Permission denied

Environment

  • Red Hat Enterprise Linux 7 and later
    • 3rd party RSA authentication pam_securid.so (RSA Authentication Agent For PAM)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content