I followed the instructions here to set up a tljh server on Jetstream. After getting it up and running, I was able to log in and access the admin panel to add and remove users. Following the instructions, I opened up the terminal to attempt to install some conda packages. Using the same password I used to log into the server, I am unable to get past the password prompt. I’ve tried shutting down and re-starting the server and have also tried adding other admin users, but I can’t seem to find a user/password combo that works. It appears that I can’t run any sudo commands.
Here’s an example of what I’m trying:
jupyter-karlwx@js-168-125:~$ sudo -E conda-install -c conda-forge cartopy
[sudo] password for jupyter-karlwx:
Sorry, try again.
[sudo] password for jupyter-karlwx:
sudo: 1 incorrect password attempt
jupyter-karlwx@js-168-125:~$ su
Password:
su: Authentication failure
You’re in the jupyterhub-admins group which is good. Are you able to obtain root/admin access to your VM, if so can you check the contents of /etc/sudoers and /etc/sudoers.d/jupyterhub-admins?
To eliminate other potential issues, I created a new VM for the project, went through the setup process again, and gave the jupyter admin user a different username than my own. The problem still persists. Here’s what’s contained in those files:
karlwx@js-169-208:~$ sudo cat /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaultsenv_reset
Defaultsmail_badpass
Defaultssecure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
rootALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudoALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:#includedir /etc/sudoers.d
#Defaults mail_always
%users ALL=(ALL) NOPASSWD: ALL
jfischer ALL=(ALL) ALL
jfischer ALL=(ALL) NOPASSWD:ALL
%users ALL=(ALL) ALL
karlwx ALL=(ALL) ALL
karlwx ALL=(ALL) NOPASSWD:ALL
karlwx@js-169-208:~$ sudo cat /etc/sudoers.d/jupyterhub-admins
%jupyterhub-admins ALL = (ALL) NOPASSWD: ALL
Defaults exempt_group = jupyterhub-admins
Thanks, it looks like your copy-and-paste may have messed up the sudoers file, e.g. it looks like some lines or spaces may have been removed. Could you check carefully, and paste it again if there were mistakes?
If this is really what it looks like then that would explain why sudo doesn’t work, your sudoers file is invalid.
It looks like there are tabs that didn’t paste correctly. I’m not sure if that’s causing any issues. Is there anything actually missing in my sudoers file that could cause these issues? I can run sudo with my main user (karlwx) but not with the jupyter admin account (wxadmin).
To confirm, wxadmin is in the jupyterhub-admins group
karlwx@js-170-139:~$ id jupyter-wxadmin
uid=1001(jupyter-wxadmin) gid=1003(jupyter-wxadmin) groups=1003(jupyter-wxadmin),1001(jupyterhub-admins),1002(jupyterhub-users)
But it does not have sudo privileges
karlwx@js-170-139:~$ sudo -l -U jupyter-wxadmin
User jupyter-wxadmin is not allowed to run sudo on js-170-139.
karlwx@js-170-139:~$
