sudo-users digest, Vol 1 #263 - 4 msgs

Maubert, Pierre p-maubert at
Fri Dec 7 02:42:39 EST 2001

I have the same type of requirements on my site. The Sudo'd user wanted to
be warned when somebody does sudo su - john.

We wrote a little wrapper that sends a message to the sudo'd user. It may
not completely address your need, but it can be useful.

# This script is a wrapper around sudo; it sends mail to the people
# whose login is used via sudo.
# Date: Sept 2001
# Author: Pierre Maubert.


mele() { 
        # Build the mail
        SUBJECT="WARNING: Your login $SUDOED, has been used by
        MESSAGE="\n Date: `date` \n
        Hostname: `hostname` \n \n
        WARNING: Your login $SUDOED, has been used by $SUDO_USER with the
command \"$SUDOPARAM\" \n\n

        REASON: $response\n"
        echo $MESSAGE | mailx -s "$SUBJECT" "$TOLIST"

if [[ "$SUDOPARAM" = *su* ]]; then 

/usr/bin/perl -e 'chomp; my($name) = (getpwnam('$USER'))[0];exit ($name eq

read response?"Please indicate what you want to do with sudo: "

for i in $SUDOPARAM
   j=`expr $j + 1`

case ${array[1]} in
  "-" ) case $array[2] in
         "" ) SUDOED="root" ;;
          * ) SUDOED="${array[2]}" ;;
                 esac ;;
   "" ) SUDOED="root" ;;
   *  ) SUDOED="${array[1]}" ;;

# Send the mail
if [[ "$ARGS" != *-nomail* ]]; then 
print "A warning message will be sent to "$SUDOED" \n \n"


exec /tool/sudo/bin/sudo $SUDOPARAM

Pierre Maubert, System Administrator   
Texas Instruments France 
Tel: +33 (0)4 93 22 26 81
Fax: +33(0)4 92 02 46 69
Email: Pierre Maubert <mailto:p-maubert at>

-----Original Message-----
From: Dana Kaempen [mailto:decay at]
Sent: Friday, December 07, 2001 12:30 AM
To: sudo-users at
Subject: Re: sudo-users digest, Vol 1 #263 - 4 msgs

Todd C. Miller wrote:
> In recent versions of sudo you can do the following:
> Defaults                logfile=/var/adm/sudo.log
> Defaults:john           logfile=/usr/local/log/sudo.john
> Defaults:jane           logfile=/usr/local/log/sudo.jane
Well, this does work as requested.  Perfectly.  But upon testing, it
became clear that I requested the wrong type of logging.  I'm actually
interested in logging by the sudo'd user, not the sudoer.  All the root
commands I still want logged to the default of /var/adm/sudo.log; but
for specific users that we sudo *into* I'd like to log to a different
file.  We may have multiple people su'g into the same couple of users. 
We want all the commands that su into a specific (non-root) user to end
up in a log file named for that specific user.  I asked the wrong
question yesterday - sorry about that.


User      Command                    Desired logfile
====      =======                    ===============
john      sudo kill 9955             /var/adm/sudo.log
john      sudo -u produser job1      /usr/local/log/produser
jane      sudo -u tester job755      /usr/local/log/tester
jane      sudo qadm -D PrdLJ4        /var/adm/sudo.log

Can this be done?

Thanks again,

mailto:decay at
"Keep the wheels rolling." - Anonymous traffic prophet
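
Added example, not part of the thread and not code from the sudo project: one way to get the per-target-user files in the table above is to post-process the single default log, routing each entry by its USER= field. It assumes one log entry per line (the sudoers option loglinelen=0) and the file-log layout shown in the first comment; the sample entries, the command paths in them, and the names split_sudo_log, sample_log, by-user/ and review.log are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): route sudo file-log entries by TARGET user.
# Assumes one entry per line (sudoers "Defaults loglinelen=0") laid out as
#   <date> : <invoker> : TTY=.. ; PWD=.. ; USER=<target> ; COMMAND=..

# Constructed sample entries matching the table in the message above; the
# last one has COMMAND text that itself contains " ; USER=".
sample_log() {
cat <<'EOF'
Dec  7 00:12:01 : john : TTY=pts/3 ; PWD=/home/john ; USER=root ; COMMAND=/bin/kill 9955
Dec  7 00:12:40 : john : TTY=pts/3 ; PWD=/home/john ; USER=produser ; COMMAND=/usr/local/bin/job1
Dec  7 00:15:09 : jane : TTY=pts/5 ; PWD=/home/jane ; USER=tester ; COMMAND=/usr/local/bin/job755
Dec  7 00:16:30 : jane : TTY=pts/5 ; PWD=/home/jane ; USER=root ; COMMAND=/usr/bin/qadm -D PrdLJ4
Dec  7 00:17:02 : jane : TTY=pts/5 ; PWD=/tmp ; USER=tester ; COMMAND=/bin/echo a ; USER=root
EOF
}

# split_sudo_log OUTDIR   (reads the log on stdin, appends to files in OUTDIR)
#   USER=root           -> OUTDIR/sudo.log
#   USER=<other>        -> OUTDIR/by-user/<other>
#   ambiguous entries   -> OUTDIR/review.log (set aside, never guessed at)
split_sudo_log() {
    outdir=$1
    mkdir -p "$outdir/by-user" || return 1
    awk -v dir="$outdir" '
    {
        hits = 0; target = ""
        n = split($0, f, " ; ")
        for (i = 1; i <= n; i++)
            if (f[i] ~ /^USER=/) { hits++; target = substr(f[i], 6) }
        # Require exactly one USER= field and a name that cannot act as a path.
        if (hits != 1 || target !~ /^[A-Za-z0-9_][A-Za-z0-9_.-]*$/)
            out = dir "/review.log"
        else if (target == "root")
            out = dir "/sudo.log"
        else
            out = dir "/by-user/" target
        print >> out
        close(out)    # one open file at a time, however many targets appear
    }'
}

# Demo on the constructed sample: per-file entry counts.
demo_dir=$(mktemp -d) && sample_log | split_sudo_log "$demo_dir" &&
    wc -l "$demo_dir"/sudo.log "$demo_dir"/by-user/* "$demo_dir"/review.log
rm -rf "$demo_dir"
```

The function appends, so run it on new log lines only or into an empty output directory.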
