[sudo-users] sudo script is not sending mail as the invoking user

Tansley, David David.Tansley at acegroup.com
Thu Sep 17 12:38:51 MDT 2015


Hello,

I recently upgraded our AIX box to 7.1 and notice sudo is not doing what it did previously.
That is, I have various scripts owned by root that generate audit reports. They then email out to a list.
When the script is run under the invoking user (ndm), we get the emails but the sender is root and not ndm.
Prior to our upgrade it was the invoking user (ndm), who was the sender of the email.
I am running sudo 1.8.14.

I initially assumed it was RBAC (security module), but I have disabled that.

Here's what I mean, using a simple script.

# su - ndm
$ sudo -l
Matching Defaults entries for ndm on uk01rs6:
    env_keep+="LOGNAME LIBPATH SHELLOPTS AUTHSTATE MAIL", !syslog

User ndm may run the following commands on uk01rs6:
    (ALL) NOPASSWD: /usr/local/bin/testme
    (root) NOPASSWD: /home/dt/testmail2
    (root) NOPASSWD: /usr/bin/mail *

$ sudo -u root /usr/bin/mail -v root < /tmp/myfile
root... Connecting to local...
root... Sent
$ exit
# mail
Mail [5.2 UCB] [AIX 5.X]  Type ? for help.
"/var/spool/mail/root": 3 messages 1 new 3 unread
U  1 ndm               Wed Sep 16 13:49  33/1821
U  2 ndm               Wed Sep 16 13:49  33/1821
>N  3 root              Wed Sep 16 13:54  32/1794

It should be from the user ndm (sender) and not root (mail no. 3, that is).

su works OK; root's mail gets it as ndm (sender):

# su - ndm
$ /usr/bin/mail -v root < /tmp/myfile
root... Connecting to local...
root... Sent
$ exit
# mail
Mail [5.2 UCB] [AIX 5.X]  Type ? for help.
"/var/spool/mail/root": 4 messages 1 new 4 unread
U  1 ndm               Wed Sep 16 13:49  33/1821
U  2 ndm               Wed Sep 16 13:49  33/1821
U  3 root              Wed Sep 16 13:54  33/1804
>N  4 ndm               Wed Sep 16 13:57  32/1811


Any ideas?
