[sudo-users] Does AIX properly forward to a Linux logsrvd? Endian Issues?
Dolan, Sean
sean.dolan at lmco.com
Wed Oct 19 10:29:07 MDT 2022
I am not seeing an entry in the Linux Logsrvd log (/var/log/secure) when an AIX client issues a sudo command. I am using the latest, sudo 1.9.11p3:
SOURCE: AIX 7.1 workstation /etc/sudoers has the entry "Defaults: log_servers=linux-logsrv"
Linux: 6.9 server running sudo_logrvd listening on 30343 (non-tls for now)
On AIX machine, execute "sudo cat /etc/shadow" but nothing appears in the Linux's /var/log/secure. All Linux clients work 100%, but the AIX clients do not.
I captured a TCPDUMP and can see the initial handshake between the AIX and Linux box. I can see the Linux box reply back with the "Sudo Audit Ser ver 1.9.11p3" but then the AIX does not send the details back, i.e. the command, etc.
Is there an Endian issue going between BIG and little endian?
More information about the sudo-users
mailing list