[Error]sudo: PAM account management error: Authentication service cannot retrieve authentication info

[lgdsgd2000]

Describe the bug
host: archlinux
container: archlinux
distrobox: 1.6.0.1 form archlinux repository
podman:4.7.2
I only created one container. Initially, I noticed that the container would not start after the distrobox update, and after checking the podman logs to resolve the issue(what I do), I had the problem shown in the title. This container is rootless, but now executing anything that requires sudo will get the error

To Reproduce
I created a new archlinux container but can't reproduce the error.

Logs
distrobox-enter subarch --verbose.txt

Additional context
Add any other context about the problem here.

[SebaLukas]

After updating to version: 1.6.0.1, I get the same error message as soon as I use sudo in the container.

To Reproduce

1. Create a new container.
2. Start the container and run a sudo cmd, e.g. sudo dnf update. Here sudo still works.
3. Stop and restart the container.
4. Run a cmd with sudo again. Now the above error message should appear.

Desktop (please complete the following information):

1. Podman version 4.7.2
2. Distrobox: 1.6.0.1
3. Fedora 38
4. dnf

Downgrading to version 1.5.0.2 helps. With 1.5.02 sudo works as usual in the container.

Edit
If I create a new container with an existing separate HOME folder, sudo dont work anymore.
But if I create a new container with a new empty HOME folder, the above error message does not appear.

[pavinjosdev]

Not able to reproduce issue with distrobox v1.6.0.1 and PR #1069 applied.

[ZariTen]

Getting the same issue here. Host is Fedora Kinoite, Container Arch Linux. After creating the container, everything is normal. But if i stop it and start again, i bump into this issue and can't use sudo anymore.
This doesn't seem to affect containers created with --root
Distrobox v1.6.0.1

[SimplyTadpole]

I have the same problem on Fedora Kinoite.

[haryp2309]

I have the same issue. The su-command still works, so I'm able to update the container and edit root files and such. But the sudo-command doesn't work anymore:

$ sudo echo "Hello World!"
sudo: PAM account management error: Authentication service cannot retrieve authentication info
sudo: a password is required

Host: Fedora Silverblue 39
Container: Fedora 38 (registry.fedoraproject.org/fedora:38) with separate home directory.

Edit:

These are the exact steps I did to reproduce it again:

1. distrobox create --name "test" --home /var/home/USER/Containers/test/
   • It automatically selected "registry.fedoraproject.org/fedora-toolbox:38" as container image
2. distrobox enter test
3. Check that sudo works (it did in my case)
4. CTRL-D to quit container
5. distrobox stop test
6. distrobox enter test
7. sudo doesn't work anymore

Edit 2:

The issue seems to be related to fedora based images, as I'm not able to reproduce it with an ubuntu image. (Same steps, just added --image ubuntu on the create-command.)

[Autumnlight02]

fedora kionite main os, happens when using an arch image as well!

[samkcdev]

I am facing same issue with my two containers

Distrobox version: 1.6.0.1
Host: Fedora Workstation 39
Containers: Debian and Arch
(both the containers have home in separate directories)

Any task that requires 'sudo' both the containers gives me sudo related errors

In Arch it give me the following

sudo: PAM account management error: Authentication service cannot retrieve authentication info
sudo: a password is required

In Debian it gives me

sudo: account validation failure, is your account locked?
sudo: a password is required

[samkcdev]

Currently I am on the latest 1.7.1
Host OS:Fedora 39
Both my existing arch and Debian containers shows the same sudo errors which I mentioned above. Does this work only in new containers or do I have to make any changes?

[pavinjosdev]

@samkcdev Could you try if the problem exists in a new debian container using toolbox image?

distrobox create --image quay.io/toolbx-images/debian-toolbox:12 \
--init --additional-packages "systemd libpam-systemd" \
--name deb-test

If not, you can clone the current ones into new distrobox containers.

[samkcdev]

@pavinjosdev

I cloned the existing debian and arch containers they cloned successfully and I was able to enter the containers but when I try to use sudo in both the containers it throws me a new error:(Note: these containers have two separate home directories)

sudo: /etc/sudo.conf is owned by uid 1000, should be 0
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set

I have created a new debian test container the way you have shown so far its working fine with regards to sudo. Will test it for few days for any issues.

For now I am planning to create new arch containers to replace the existing ones