[sudo-users] sudo messages to root tty

Todd C. Miller Todd.Miller at courtesan.com
Tue Aug 9 10:53:33 EDT 2011

On Sun, 17 Jul 2011 18:35:57 EDT, Michael F Lense wrote:

> I am running HP-UX 11.31 and using ixpress sudo to allow users to
> run some commands....  The issue is the many messages it puts out
> to the root tty throughout the day....
> Is there a way to stop these messages from displaying:
> Jul 17 18:25:14 tmoa1db01 sudo: sysadmin : /var/adm owned by uid 4, should be
>  uid 0 ; TTY=pts/2 ; PWD=/osg1/home/sysadmin ; USER=root ; COMMAND=/usr/bin/s
> u - root

That specific error you are getting is caused by using the following
configure option --with-timedir=/var/adm.  Typically, you would use
something like --with-timedir=/var/adm/sudo instead.

As for messages being sent to root's tty, that is due to your syslog
configuration and the syslog priority sudo is using for unsuccessful

> Syslog facility if syslog is being used for logging: authpriv
> Syslog priority to use when user authenticates successfully: notice
> Syslog priority to use when user authenticates unsuccessfully: alert

Your /ets/syslog.conf has a line like:

    *.alert                 root

so when sudo logs to authpriv.alert, syslog sends that message to
root's terminal.  You can either lower the priority sudo is usings,
via the syslog_badpri setting in sudoers, or modify your syslog.conf

 - todd

More information about the sudo-users mailing list