[sudo-users] sudo messages to root tty
Todd C. Miller
Todd.Miller at courtesan.com
Tue Aug 9 10:53:33 EDT 2011
On Sun, 17 Jul 2011 18:35:57 EDT, Michael F Lense wrote:
> I am running HP-UX 11.31 and using ixpress sudo to allow users to
> run some commands.... The issue is the many messages it puts out
> to the root tty throughout the day....
>
> Is there a way to stop these messages from displaying:
> Jul 17 18:25:14 tmoa1db01 sudo: sysadmin : /var/adm owned by uid 4, should be
> uid 0 ; TTY=pts/2 ; PWD=/osg1/home/sysadmin ; USER=root ; COMMAND=/usr/bin/s
> u - root
That specific error you are getting is caused by using the following
configure option --with-timedir=/var/adm. Typically, you would use
something like --with-timedir=/var/adm/sudo instead.
As for messages being sent to root's tty, that is due to your syslog
configuration and the syslog priority sudo is using for unsuccessful
attempts.
> Syslog facility if syslog is being used for logging: authpriv
> Syslog priority to use when user authenticates successfully: notice
> Syslog priority to use when user authenticates unsuccessfully: alert
Your /ets/syslog.conf has a line like:
*.alert root
so when sudo logs to authpriv.alert, syslog sends that message to
root's terminal. You can either lower the priority sudo is usings,
via the syslog_badpri setting in sudoers, or modify your syslog.conf
file.
- todd
More information about the sudo-users
mailing list