Operating System - HP-UX
1832880 Members
2471 Online
110048 Solutions
New Discussion

sudo mails about /var/adm owned by uid 4

 

sudo mails about /var/adm owned by uid 4

Hello,
I have installed iexpress sudo version 1.7.4p6 on a couple servers with 11.31 ia64. It works fine, but when a users executes a command that he is not allowed to run I get the following mail:

Mar 29 08:54:33 : cbrpr : /var/adm owned by uid 4, should be uid
0 ; TTY=pts/1 ; PWD=/home/cbrpr ; USER=root ; COMMAND=dmesg

Does anyone knows why this is happening? /var/adm should be owned by UID 4 (adm).

Thanks,

Michel
4 REPLIES 4
Ismail Azad
Esteemed Contributor

Re: sudo mails about /var/adm owned by uid 4

Hi,

Doesn't seem like an "error" to me... It's just mail.... The adm pseudo account on /etc/passwd is one of the system account that has priveleged status and sometimes just termed as a UID. The home directory field of the adm pseudo account is /var/adm! {surprising isn't it!} and the adm priveleged account should normally own that directory.

Adm owning /var/adm has nothing to do with the iexpress sudo version installed...

Regards
Ismail Azad
Read, read and read... Then read again until you read "between the lines".....

Re: sudo mails about /var/adm owned by uid 4

Hi,

I agree it's just a mail.
But why is sudo mailing that /var/adm should be owned by uid 0. That is not correct. sudo should be mailing that the user is not allowed to run the command dmesg or something similar.

Ok, i found it. /var/adm is the default location of the timestampdir. And that one should be owned by UID 0. I changed this default directory in the sudoers file to /var/adm/sudo and I do not get these mails anymore.

Michel

Re: sudo mails about /var/adm owned by uid 4

Setting timestampdir to another location fixed it.

Michel
Dennis Handly
Acclaimed Contributor

Re: sudo mails about /var/adm owned by uid 4

>Does anyone knows why this is happening? /var/adm should be owned by UID 4 (adm).

Perhaps that version of sudo thinks it should be owned by root?
But I would have expected only cbrpr not being allowed to use dmesg command.