[sudo-users] sudo messages to root tty
Michael F Lense
michael.lense at convergys.com
Sun Jul 17 19:14:51 EDT 2011
I am running HP-UX 11.31 and using ixpress sudo to allow users to run some commands....
The issue is the many messages it puts out to the root tty throughout the day....
Is there a way to stop these messages from displaying:
Jul 17 18:25:14 tmoa1db01 sudo: sysadmin : /var/adm owned by uid 4, should be uid 0 ; TTY=pts/2 ; PWD=/osg1/home/sysadmin ; USER=root ; COMMAND=/usr/bin/su - root
I am writing the sudo outputs log to /var/log/sudolog, so my only guess for this message is that the sulog is written to /var/adm/sulog ???
I've checked all of my other HP-UX servers and all of them have the /var/adm ownership at adm:adm, just like this server, so I am not sure
why it is complaining about this here....
=>ls -al /var
drwxr-xr-x 20 adm adm 8192 Jul 17 18:20 adm
Can anyone help in resolving this issue ??
The sudo version is:
Sudo version 1.7.4p6
Configure args: --prefix=/opt/iexpress/sudo --enable-log-host --with-pam --with-fqdn --with-timedir=/var/adm --with-sudoers-mode=440 --with-sudoers-uid=2 --with-sudoers-gid=2 --sysconfdir=/opt/iexpress/sudo/etc --with-ldap=/opt/iexpress/openldap --with-libpath=/usr/local/lib
Sudoers path: /opt/iexpress/sudo/etc/sudoers
nsswitch path: /etc/nsswitch.conf
ldap.conf path: /etc/ldap.conf
ldap.secret path: /etc/ldap.secret
Authentication methods: 'pam'
Syslog facility if syslog is being used for logging: authpriv
Syslog priority to use when user authenticates successfully: notice
Syslog priority to use when user authenticates unsuccessfully: alert
Send mail if the user is not in sudoers
Use a separate timestamp for each user/tty combo
Lecture user the first time they run sudo
Require users to authenticate by default
Root may run sudo
Log the hostname in the (non-syslog) log file
Allow some information gathering to give useful error messages
Require fully-qualified hostnames in the sudoers file
Set the LOGNAME and USER environment variables
Length at which to wrap log file lines (0 for no wrap): 80
Authentication timestamp timeout: 5.0 minutes
Password prompt timeout: 5.0 minutes
Number of tries to enter a password: 3
Umask to use or 0777 to use user's: 022
Path to mail program: /usr/sbin/sendmail
Flags for mail program: -t
Address to send mail to: root
Subject line for mail messages: *** SECURITY information for %h ***
Incorrect password message: Sorry, try again.
Path to authentication timestamp dir: /var/adm
Default password prompt: Password:
Default user to run commands as: root
Path to the editor for use by visudo: /usr/bin/vi
When to require a password for 'list' pseudocommand: any
When to require a password for 'verify' pseudocommand: all
File containing dummy exec functions: /opt/iexpress/sudo/libexec/sudo_noexec.so
File descriptors >= 3 will be closed before executing a command
Reset the environment to a default set of variables
Environment variables to check for sanity:
Environment variables to remove:
Environment variables to preserve:
Locale to use while parsing sudoers: C
Local IP address and netmask pairs:
10.195.32.7 / 255.255.255.224
192.168.172.21 / 255.255.255.0
184.108.40.206 / 255.255.255.224
NOTICE: The information contained in this electronic mail transmission is intended by Convergys Corporation for the use of the named individual or entity to which it is directed and may contain information that is privileged or otherwise confidential. If you have received this electronic mail transmission in error, please delete it from your system without copying or forwarding it, and notify the sender of the error by reply email or by telephone (collect), so that the sender's address records can be corrected.
More information about the sudo-users