[sudo-users] auditing the group which gave a user sudo

Rohit Bansal banro21 at gmail.com
Fri May 10 07:33:59 MDT 2019


Is there any way to audit what group in sudoers allowed a user to get sudo

When i look at syslog, it gives the command and the primary group of the
user, but does not give which group policy allowed a user to get sudo. We
have tried a run sudo in debug mode as well but even that does not spit out
the policy which was evaluated to allow the specific sudo execution.

Any suggestions?


More information about the sudo-users mailing list