[sudo-users] Issue with apt command after setting log_subcmd option in /etc/sudoers file
ronan.bertinhugault at orange.com
ronan.bertinhugault at orange.com
Tue Mar 28 09:01:47 MDT 2023
Hello Todd,
Thank you for your reply and the associated highlights.
It's now very clear for me.
We will see to deploy the latest package based on your package repository.
Have a good day.
Regards.
Ronan BERTIN-HUGAULT
Responsable du département « Zéro Trust Security »
Digital Cloud Services
Orange/INNOV/IT-S/DCS/ZTS
Ronan.bertinhugault at orange.com
Mobile : +33 643253217
Orange Restricted
-----Message d'origine-----
De : Todd C. Miller <Todd.Miller at sudo.ws>
Envoyé : mardi 28 mars 2023 16:59
À : BERTIN HUGAULT Ronan INNOV/IT-S <ronan.bertinhugault at orange.com>
Cc : sudo-users at sudo.ws
Objet : Re: [sudo-users] Issue with apt command after setting log_subcmd option in /etc/sudoers file
On Tue, 28 Mar 2023 05:46:43 -0000, ronan.bertinhugault at orange.com wrote:
> On the other lines of the sudoers file regarding the Defaults item
> there is a space each time:
> Defaults env_reset
> Defaults mail_badpass
> Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bi
> n:/sbin:/bin:/snap/bin"
> Defaults use_pty
> #Defaults log_host, log_year
> Defaults log_input, log_output, log_subcmds
> Defaults!/usr/bin/apt !log_subcmds
>
> If you can provide me highlight on the way sudo behave with or without
> a spac e, I will be very interested.
There are five types of Defaults settings:
Defaults - global default values
Defaults at host - host-specific default values
Defaults:user - user-specific default values
Defaults!command - command-specific default values
Defaults>runuser - runas-specific default values
The host, user, command or runuser can also be a list. Space is allowed before the host/user/command but not between "Defaults" and the special character ('@', ':', '!' or '>'). This isn't really clear from the sudoers manual--I'll try to rectify that.
> Regarding the sudo version, here are the detailed information:
> sudo --version
> Sudo version 1.9.9
> Sudoers policy plugin version 1.9.9
> Sudoers file grammar version 48
> Sudoers I/O plugin version 1.9.9
> Sudoers audit plugin version 1.9.9
That appears to be the latest version from Ubuntu. I build my own sudo packages for common systems, including the Ubuntu LTS releases.
These are available from https://www.sudo.ws/getting/packages/.
- todd
_________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.
More information about the sudo-users
mailing list