This widget could not be displayed.
HPE Community
Operating System - HP-UX
1845515 Members
2686 Online
110244 Solutions
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
New Discussion
This widget could not be displayed.
This widget could not be displayed.

sudo mails about /var/adm owned by uid 4

 
Michel Diederiks
Advisor

‎03-28-2011 11:26 PM

‎03-28-2011 11:26 PM

sudo mails about /var/adm owned by uid 4

Hello,
I have installed iexpress sudo version 1.7.4p6 on a couple servers with 11.31 ia64. It works fine, but when a users executes a command that he is not allowed to run I get the following mail:

Mar 29 08:54:33 : cbrpr : /var/adm owned by uid 4, should be uid
0 ; TTY=pts/1 ; PWD=/home/cbrpr ; USER=root ; COMMAND=dmesg

Does anyone knows why this is happening? /var/adm should be owned by UID 4 (adm).

Thanks,

Michel
0 Kudos
4 REPLIES 4
Ismail Azad
Esteemed Contributor

‎03-29-2011 12:12 AM

‎03-29-2011 12:12 AM

Re: sudo mails about /var/adm owned by uid 4

Hi,

Doesn't seem like an "error" to me... It's just mail.... The adm pseudo account on /etc/passwd is one of the system account that has priveleged status and sometimes just termed as a UID. The home directory field of the adm pseudo account is /var/adm! {surprising isn't it!} and the adm priveleged account should normally own that directory.

Adm owning /var/adm has nothing to do with the iexpress sudo version installed...

Regards
Ismail Azad
Read, read and read... Then read again until you read "between the lines".....
0 Kudos
Michel Diederiks
Advisor

‎03-29-2011 12:43 AM

‎03-29-2011 12:43 AM

Re: sudo mails about /var/adm owned by uid 4

Hi,

I agree it's just a mail.
But why is sudo mailing that /var/adm should be owned by uid 0. That is not correct. sudo should be mailing that the user is not allowed to run the command dmesg or something similar.

Ok, i found it. /var/adm is the default location of the timestampdir. And that one should be owned by UID 0. I changed this default directory in the sudoers file to /var/adm/sudo and I do not get these mails anymore.

Michel
0 Kudos
Michel Diederiks
Advisor

‎03-29-2011 12:45 AM

‎03-29-2011 12:45 AM

Re: sudo mails about /var/adm owned by uid 4

Setting timestampdir to another location fixed it.

Michel
0 Kudos
Dennis Handly
Acclaimed Contributor

‎03-29-2011 12:48 AM

‎03-29-2011 12:48 AM

Re: sudo mails about /var/adm owned by uid 4

>Does anyone knows why this is happening? /var/adm should be owned by UID 4 (adm).

Perhaps that version of sudo thinks it should be owned by root?
But I would have expected only cbrpr not being allowed to use dmesg command.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.