[sudo-users] sudo script is not sending mail as the invoking user

Tansley, David David.Tansley at acegroup.com
Fri Sep 18 08:23:40 MDT 2015


Hello,
Yes, I saw that bug, but I do not think it is the same issue; I could be wrong. Clearly this is something to do with the AIX upgrade.

I believe I am still getting the same issue, now installed back to: 1.8.14p3

# ls -l /home/dxtans/testmail2
-rwxr--r--    1 root     system          105 Sep 18 15:06 /home/dxtans/testmail2

# cat /home/dxtans/testmail2
#!/bin/sh
echo $LOGNAME
echo $MAIL
/usr/sbin/sendmail -t <<mayday
To:root
Subject:testing

test
.
mayday

As user ndm, so LOGNAME and MAIL spool do get preserved:
$ id
uid=202(ndm) gid=1(staff)

$ sudo /home/dxtans/testmail2
ndm
/usr/spool/mail/ndm


Looking at root mail I still get:
# mail
Mail [5.2 UCB] [AIX 5.X]  Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N  1 root              Fri Sep 18 15:09  12/333  "testing"

Sent from root, when it should be ndm as the invoker.

As ndm:
$ sudo -l
Matching Defaults entries for ndm on uk01wrs6008:
   env_keep+="MAIL LIBPATH LOGNAME LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET",
  log_output, logfile=/var/adm/sudo.log, !syslog

User ndm may run the following commands on

    (root) NOPASSWD: /usr/sbin/sendmail




-----Original Message-----
From: Todd C. Miller [mailto:Todd.Miller at courtesan.com]
Sent: 18 September 2015 14:10
To: Tansley, David
Cc: sudo-users at sudo.ws
Subject: Re: [sudo-users] sudo script is not sending mail as the invoking user

There was a bug in older versions of sudo 1.8.x where the parent sudo process (but not the actual command) was run with the effective uid of the user and not root.  It's possible that this influenced the user mail used by default.

The change set in question is:
    http://www.sudo.ws/repos/sudo/rev/d4772d7d2fc5

I don't know why mail would be looking at the parent process instead of just using the login uid.

For what it's worth, if you run /usr/sbin/sendmail directly instead of via /usr/bin/mail it will honor the LOGNAME environment variable.

E.g.

$ /usr/sbin/sendmail -t << EOF
To: user
Subject: foo

bar
.
EOF

 - todd
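
The thread shows LOGNAME surviving sudo through env_keep while the mail is still attributed to root. As an added example (not code from the thread or from the sudo project), the script below names the sender itself, taking it from SUDO_USER, which sudo sets, rather than from a LOGNAME value the caller controls. The function names are hypothetical, and it assumes the local sendmail keeps a From: header supplied by root.

```shell
#!/bin/sh
# Added example, not from the thread. Hypothetical names: safe_login,
# invoking_user, build_message, send_as_invoker.

# Accept only characters normally found in login names, so a crafted value
# cannot inject extra header lines into the message.
safe_login() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Name of the user who ran sudo. SUDO_USER is set by sudo itself; a LOGNAME
# kept through env_keep is whatever the caller exported, so it is not trusted.
# Outside sudo, fall back to the name of the current uid.
invoking_user() {
    u=${SUDO_USER:-$(id -un)}
    safe_login "$u" || return 1
    printf '%s\n' "$u"
}

# Print a message for "sendmail -t" with an explicit From: header.
# $1 = recipient, $2 = subject, $3 = body
build_message() {
    from=$(invoking_user) || { echo "cannot determine invoker" >&2; return 1; }
    # Flag a preserved LOGNAME that disagrees with what sudo recorded.
    if [ -n "${LOGNAME:-}" ] && [ "$LOGNAME" != "$from" ]; then
        echo "warning: LOGNAME=$LOGNAME differs from invoker $from" >&2
    fi
    printf 'From: %s\nTo: %s\nSubject: %s\n\n%s\n' "$from" "$1" "$2" "$3"
}

# Build first, send only if building succeeded (sendmail path as in the thread).
send_as_invoker() {
    msg=$(build_message "$@") || return 1
    printf '%s\n' "$msg" | /usr/sbin/sendmail -t
}
```

Calling `send_as_invoker root testing test` from the sudo-run script replaces the here-document in testmail2.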


