[sudo-users] sudo script is not sending mail as the invoking user

Gary S. Kortz gskortz at ghscol.com
Thu Sep 17 15:13:53 MDT 2015


Earlier and much older versions of sudo do produce the user behavior you
describe regardless of the -u option. I confirmed it works up to 1.6.9;
however, I don't have any other intermediary versions to test against.


GSK




-----Original Message-----
From: sudo-users [mailto:sudo-users-bounces at sudo.ws] On Behalf Of Tansley,
David
Sent: Thursday, September 17, 2015 12:39 PM
To: sudo-users at sudo.ws
Subject: [sudo-users] sudo script is not sending mail as the invoking user

Hello,

We recently upgraded our AIX box to 7.1 and noticed sudo is not doing what it
did previously.
That is, I have various scripts owned by root that generate audit reports. They
then email out to a list.
When the script is run under the invoking user (ndm), we get the emails
but the sender is root and not ndm.
Prior to our upgrade it was the invoking user (ndm) who was the sender of
the email.
I am running sudo 1.8.14.

I initially assumed it was RBAC (security module), but I have disabled
that.

Here's what I mean, using a simple script.




# su - ndm
$ sudo -l
Matching Defaults entries for ndm on uk01rs6:
    env_keep+="LOGNAME LIBPATH SHELLOPTS AUTHSTATE MAIL", !syslog

User ndm may run the following commands on uk01rs6:
    (ALL) NOPASSWD: /usr/local/bin/testme
    (root) NOPASSWD: /home/dt/testmail2
    (root) NOPASSWD: /usr/bin/mail *

$ sudo -u root /usr/bin/mail -v root < /tmp/myfile
root... Connecting to local...
root... Sent
$ exit
# mail
Mail [5.2 UCB] [AIX 5.X]  Type ? for help.
"/var/spool/mail/root": 3 messages 1 new 3 unread
U  1 ndm               Wed Sep 16 13:49  33/1821
U  2 ndm               Wed Sep 16 13:49  33/1821
>N  3 root              Wed Sep 16 13:54  32/1794

It should be from the user ndm (sender) and not root (mail no. 3, that is).

su works OK; root's mail gets it as ndm (sender):

# su - ndm
$ /usr/bin/mail -v root < /tmp/myfile
root... Connecting to local...
root... Sent
$ exit
# mail
Mail [5.2 UCB] [AIX 5.X]  Type ? for help.
"/var/spool/mail/root": 4 messages 1 new 4 unread
U  1 ndm               Wed Sep 16 13:49  33/1821
U  2 ndm               Wed Sep 16 13:49  33/1821
U  3 root              Wed Sep 16 13:54  33/1804
>N  4 ndm               Wed Sep 16 13:57  32/1811


Any ideas?
