11-11-2002
Yes, you need to configure the sudoers configuration file and restrict what users do and how they are logged.
You have NOT discovered a 'back door' you have SIMPLY not configured sudo and sudoers properly. (see post above).
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi all,
I have two problems, My system is SunOS 5.9:
1- I have installed sudo but I have a problem logging user activities on other hosts, the way I installed it is that I installed sudo and the sudoers file in a shared directory on a NFS server which is mounted by all computers on the... (1 Reply)
Discussion started by: neked
1 Replies
2. Solaris
I'm looking for a CLI utility that will capture all the commands you type at the Solaris CLI (and their output) into a file. I'm sure it's called "scripter", but I can't find anything on a command called scripter.
Does anyone know of a such a command?
Your help will be greatly... (3 Replies)
Discussion started by: soliberus
3 Replies
3. HP-UX
Jul 14 08:02:40 servera sshd: Accepted keyboard-interactive/pam for someuser from x.x.x.x port 1406 ssh2
Jul 14 08:02:48 servera su: - 1 someuser-root
Jul 14 08:03:03 servera sudo: someuser : TTY=pts/1 ; PWD=/home/someuser ; USER=root ; COMMAND=/usr/bin/su -
Jul 14 08:03:03 servera su: + 1... (3 Replies)
Discussion started by: Ikon
3 Replies
4. Cybersecurity
Dear friends
I'm looking for a solution to log all commands that users do in my RedHat box, and send it out to other remote server,
Is there any guide for that
Thanks
---------- Post updated at 04:20 AM ---------- Previous update was at 03:47 AM ----------
I can think of something else
I... (7 Replies)
Discussion started by: reaky
7 Replies
5. Shell Programming and Scripting
hi all,
I am new to unix and unix scipting. i need a script to logging into servers and to excute some commands in each server.
for eg :
I tried with below script ,but cant get the desired o/p. please help with this
for i in `cat serverlist`
do
echo $i
ssh $i uname -a ;
cat... (4 Replies)
Discussion started by: sudharson
4 Replies
6. UNIX for Advanced & Expert Users
There was an update in sudo 1.7.5 :
-The I/O log directory may now be specified in the sudoers file.
I am stuck using sudo 1.7.4p6. Because it is supported by HP on thier HP-UX builds.
Is there a process to change this directory in sudo 1.7.4p6?
currently sudo 1.7.4p6's default is... (3 Replies)
Discussion started by: trimike
3 Replies
7. UNIX for Dummies Questions & Answers
Hi,
Can you please give me a list of commands executed through 'sudo' command, thank you. (1 Reply)
Discussion started by: Dev_Dev
1 Replies
8. Programming
Is there a way to transfer my sudo password via ssh so that I can copy files remotely and pass them locally, so:
cat sudo-passwd-file|ssh -t user@10.7.0.180 'sudo find / -depth|cpio -oacv|gzip' > /path/to/dir/file.cpio.gz
I am in the process of a creating a script. Everytime I try and just... (16 Replies)
Discussion started by: metallica1973
16 Replies
9. Shell Programming and Scripting
Hi,
I am new to scripting. I am trying to write a script to ssh one remote machine and run a sudo command.
ssh <hostname> sudo -S <command> < ~/pass.txt
I am stored my password in pass.txt.
I am getting error
sudo: no tty present and no askpass program specified
Please suggest me how can... (1 Reply)
Discussion started by: venkia9
1 Replies
10. Solaris
Hi All
I have a requirement in which during sudo logging, I must get the year details also in sudo log file. As below output is not mentioning the year due to this I will not able to idenfiy that this log belong to 2012 or 2011 or 2010
Dec 12 11:30:21 XYZ sudo: user1 : TTY=pts/5 ;... (4 Replies)
Discussion started by: sb200
4 Replies
LEARN ABOUT OSX
heimdal_debug
heimdal_debug(5) BSD File Formats Manual heimdal_debug(5)
NAME
heimdal_debug -- how to turn on/off debugging for Kerberos tools
DESCRIPTION
The heimdal_debug kerberos frameworks have several knobs for controlling logging. The different framework knobs are:
libkrb
The Kerberos library, some gss-api Kerberos output ends up here too
kcm the kcm library (credentials cache, ntlm client)
kdc the kerberos KDC output
digest-service
the digest service (ntlm server)
CONFIGURATION FILE
[logging]
<subsystem> = 0-/SYSLOG:
and watch syslog for logging information.
APPLE MAC OS X
First turn up syslog debugging
sudo syslog -c 0 -d
then you can see the syslog output in Console.app or by running
syslog -w -k org.h5l.asl
To enable more extensive debugging logging for each subsystem, use the following commands:
Kerberos Library
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add krb5 '0-/ASL:'
digest-server
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add digest-service '0-/ASL:'
kcm sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kcm '0-/ASL:'
kdc sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kdc '0-/ASL:'
MIT Kerberos Shim
defaults write com.apple.MITKerberosShim EnableDebugging -bool true
GSS-API framework logging
sudo defaults write /Library/Preferences/com.apple.GSS DebugLevel -int 10
Other options on Mac OS X
Make the admin API pretend to the server even on client
sudo defaults write /Library/Preferences/com.apple.Kerberos ForceHeimODServerMode -bool true
SEE ALSO
gss(5), kerberos(8)
HEIMDAL
Sep 30, 2011 HEIMDAL