[sudo-users] troubleshooting with logs
fabrice.schuler at ferma.fr
Tue Jul 19 12:05:18 EDT 2005
I am currently running sudo 1.6.8p5 on solaris 5.7, and I have
troubleshootings analyzing the logs.
My problem is on the field TTY :
For most of users, it corresponds to their TTY, which is what I want -
it's OK then.
But I have problems wih a daemon calling sudo. This daemon has no tty.
On the first times (I would say for a couple of weeks), the TTY logged
in sudo logs was "console"
My problem is that this tty is reserved for the console, and, according
to all the documentation I could find on the web, it is not possible to
attach a process to this tty if not logged on the console (which is not
the case - I am certain of that)...
I agree this may not come from sudo, but if somebody ever had the same
problem, or may know where it comes from or what I did for this to
happen, I prefer to ask.
For the moment, the tty logged is "unknown". Is it correct for a daemon
to be logged with this TTY (I guess so, but as I said, I could not find
any documentation about this) ?
Sample from the logfile :
Jul 19 16:48:12 2005 : user1 : HOST=machine : TTY=unknown ;
PWD=/var/opt/directory/cores/ftc ; USER=user2 ; COMMAND=/bin/ksh -c .
/export/home/user2/.profile >/dev/null 2>&1 ; export/home/user2/tata.ksh
>/dev/null 2>&1 ; /opt/directory/sbin/ftcreport 1795193362 3 751458
tata $? >/dev/null 2>&1 >/dev/null 2>&1
Last question : could anybody tell me exactly when the TTY field will be
set to "unknown" in the logs ?
Thanks in advance, hopping my questions were clear enough to obtain an
More information about the sudo-users