[PLUG] Graceful sudo recovery
Paul Heinlein
heinlein at madboa.com
Thu Aug 23 22:51:52 UTC 2012
I have sudo configured on the servers around our office to send me
administrative notes when someone invokes sudo without having
permission to do so.
So I get a message (where YYYYYY is the server name and ZZZZZZ is the
username):
YYYYYY: Aug 23 15:41:32 : ZZZZZZ : user NOT in sudoers ;
TTY=pts/1 ; PWD=/home/ZZZZZZ ; USER=root ; COMMAND=/bin/ls
sudo let the user in question that his activity would be recorded and
reported, so just a few seconds later I get another warning:
YYYYYY: Aug 23 15:41:46 : ZZZZZZ : user NOT in sudoers ; TTY=pts/1 ;
PWD=/home/ZZZZZZ ; USER=root ; COMMAND=/bin/echo Just checking
:-)
--
Paul Heinlein
heinlein at madboa.com
45°38' N, 122°6' W
---------- Forwarded message ----------
Date: Thu, 23 Aug 2012 15:41:47 -0700
From: tommd at galois.com
To: root at gibson.galois.com
Subject: *** SECURITY information for gibson.galois.com ***
More information about the PLUG
mailing list