OK, one of the users on our LAN has changed their login details to log in automatically and no password. Fine, I don't like it, but I won't force passwords on these users. It's a family thing and I'm trying to convert our LAN from Win to predominantly Linux. They ain't happy about that but c'est la vie.
Anyways, on the computer in question I went to install a piece of SW for the user. (They're not in sudo group.) Oddly, on using
suto switch to the admin account I was asked for their password, not admins. Which, being blank, cannot be entered. Just hitting <enter> gives a wrong response reply. I tried the admin pw with the same response.
Out of curiosity I tried
sudoand it also asked for a pw. With the same results as su, btw. Now, if they're not in sudo group they shouldn't even have access to sudo, correct? I've checked permissions, groups, etc. and everything still looks correct.
I'm not sure how they managed to change their log-in details but I suspect it's not through... approved methods. Kids.
I've restored a Timeshift snapshot to fix this particular problem (which it did) and went admin to give 'em a pw-less account but I'd like to know more about where to look to fix this sort of thing manually. I'm sure this won't be the last I see...