1748070 Members
4972 Online
108758 Solutions
New Discussion юеВ

SUDO

 
oprakash
Frequent Advisor

SUDO

Hi,

I have installed SUDO package in hp 11.11 operating system, i am having few doubt on this.

1. % sudo /usr/bin/sh - This command goes to root privilage (#) How to disable this function.

2. There is any log files to check the sudo activity.

3. If someone putting a wrong password in sudo acess, i need to see that incorrect attempts.

Can any one suggest me on above mentioned, please
3 REPLIES 3
Steven E. Protter
Exalted Contributor

Re: SUDO

Shalom,

What was your source of sudo, Internet Express or the software porting and archive centre? The source impacts the logging. See /var/adm/syslog/syslog.log

1. If this command not included in the command groups you hand to users and it should not be, it will not be a problem.

2. see above

3. see above

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Matti_Kurkela
Honored Contributor

Re: SUDO

1.) This can be configured by editing the sudoers file with the visudo command. If you write an insecure configuration (e.g. allowing all users to execute all commands as root), then your security will be *worse* than without sudo.
Steps to fix:
- read and understand the man pages of sudo (man sudo; man sudoers)
- find out what commands your users really need
- make a sudo configuration that will only allow the needed things and nothing else

2.) By default, sudo writes to syslog (/var/adm/syslog/syslog.log). You can adjust the logging levels and make sudo write to its own log file by adding options to the sudoers file (see "man sudoers")

3.) By default, sudo logs the incorrect attempts to syslog and sends email to root. You can configure the mail destination by adding the mailto option to the sudoers file (see "man sudoers")

MK
MK
Suraj K Sankari
Honored Contributor

Re: SUDO

Hi,

1. In sudo system groups are prefixed with '%'
2. Check /var/adm/syslog/syslog.log
3. Check /var/adm/syslog/syslog.log

For more info about sudo see the below link
http://www.sudo.ws/sudo/man/sudoers.html

Suraj