sudo/sudoers


 
# 1  
Old 08-03-2011

Dear folks.

Considering PCI DSS standards, I have a requirement to use sudo(ers) to log everything a certain user executes with root privileges.

Now, for an admin it's just a pain in the ass to prefix every command with sudo.

The only way I can think of is making .aliases and, with some awk magic, making every executable like:
Code:
alias ls="sudo ls"

Is there any better way, perhaps?

Thanks and regards.
# 2  
Old 08-03-2011
???
Code:
sudo bash
sudo su

# 3  
Old 08-03-2011
That's not logged then, if you invoke a shell.

It will log only the shell invocation and nothing after, e.g.
Code:
Aug  3 13:08:09 hostname sudo: user : TTY=pts/0 ; PWD=/home/user ; USER=root ; TSID=00000G ; COMMAND=/sbin/sh

If you use
Code:
sudo ls -lrt

You get.
Code:
Aug  3 13:05:47 hostname sudo: user : TTY=pts/0 ; PWD=/home/user ; USER=root ; TSID=00000E ; COMMAND=/usr/bin/ls -lrt

Regards.
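
Added example (not part of the thread, and not any poster's code): the gap described in post #3, turned into a log check that lists every sudo entry whose COMMAND is a shell or su. The function names and the list of shell basenames are assumptions; the sample mixes log lines quoted in this thread with constructed ones, as labelled.

```shell
#!/bin/sh
# Added example: list sudo log entries that hand out a shell (or su), i.e. the
# point after which individual commands no longer appear in the sudo log.

# Sample input. Lines 1, 2 and 4 are the entries quoted in this thread;
# lines 3, 5 and 6 are constructed for the example.
sample_log() {
cat <<'EOF'
Aug  3 13:05:47 hostname sudo: user : TTY=pts/0 ; PWD=/home/user ; USER=root ; TSID=00000E ; COMMAND=/usr/bin/ls -lrt
Aug  3 13:08:09 hostname sudo: user : TTY=pts/0 ; PWD=/home/user ; USER=root ; TSID=00000G ; COMMAND=/sbin/sh
Aug  3 13:09:30 hostname sudo: user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/bin/su -
Aug  4 19:54:54 uf3 sudo:     jazu : TTY=pts/0 ; PWD=/home/jazu/tmp ; USER=root ; COMMAND=/bin/rm /etc/abcd
Aug  4 20:01:10 uf3 sudo:     jazu : TTY=pts/1 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/ksh -l
Aug  4 20:02:00 uf3 sshd[311]: Accepted publickey for jazu from 192.0.2.10 port 50022 ssh2
EOF
}

# stdin: syslog lines; stdout: "time|invoker|tty|tsid|command" per flagged entry.
find_shell_escapes() {
    awk '
    # Value of key k in record r ("K=V ; K=V ..."), or "" when absent.
    function field(r, k) {
        if (!match(r, (k "=[^ ;]*"))) return ""
        return substr(r, RSTART + length(k) + 1, RLENGTH - length(k) - 1)
    }
    / sudo: / && /COMMAND=/ {
        rec = $0; sub(/^.* sudo: */, "", rec)         # "invoker : K=V ; ..."
        invoker = rec; sub(/ *:.*$/, "", invoker)
        cmd = substr(rec, index(rec, "COMMAND=") + 8) # command with arguments
        exe = cmd; sub(/ .*$/, "", exe); sub(/^.*\//, "", exe)  # basename
        tsid = field(rec, "TSID"); if (tsid == "") tsid = "-"
        if (exe ~ /^(sh|ksh|csh|tcsh|bash|zsh|dash|su)$/)
            printf "%s %s %s|%s|%s|%s|%s\n", $1, $2, $3, invoker, field(rec, "TTY"), tsid, cmd
    }'
}

sample_log | find_shell_escapes
```

A flagged entry that carries a TSID was captured by sudo's I/O logging, so the session itself can be reviewed with sudoreplay; a "-" in that column means only the shell invocation was recorded.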
# 4  
Old 08-03-2011
Well... Just an idea.
In bash you can unset $PATH in your .bashrc and set the special bash function "command_not_found_handle", setting a local variable PATH in it and then invoking the command: sudo "$@".
# 5  
Old 08-04-2011
Well, I did try, but to no avail.
I found an example function to avoid sudo completely and log root commands, but it runs in an infinite loop using the POSIX shell (/sbin/sh) and trap <function> DEBUG.
I'm unable to determine why it is working in everything besides the POSIX shell.

This is the code (this works in ksh and bash, but I'm not changing the default root shell, since if /usr is not available the machine won't boot).
This is .profile
Code:
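# Send the most recently entered command line to syslog (facility local1)
function cmd2sys
{
        CMD=$(fc -ln -0)        # last entry in the shell history
        USER=$(whoami)
        # Quote the message so globs and whitespace in $CMD are logged verbatim
        logger -p local1.notice -i ": COMMAND = $CMD ; USER = $USER ; PWD=$PWD"
}
trap cmd2sys DEBUG              # DEBUG trap fires for every command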

Can you be more specific: how would you prefix every command with sudo in the bash shell using command_not_found_handle?

Thanks a lot.
Regards
Peasant.
# 6  
Old 08-04-2011
It was just an idea. But it seems it works. The only quirk is that PATH should be set to something. So this works for me:
Code:
$ PATH=1
$ function command_not_found_handle () { PATH=/bin:/usr/bin: sudo "$@"; }
$ touch /etc/abcd
$ rm /etc/abcd
$ tail -n3 /var/log/auth.log
Aug  4 19:54:49 uf3 sudo:     jazu : TTY=pts/0 ; PWD=/home/jazu/tmp ; USER=root ; COMMAND=/usr/bin/touch /etc/abcd
Aug  4 19:54:54 uf3 sudo:     jazu : TTY=pts/0 ; PWD=/home/jazu/tmp ; USER=root ; COMMAND=/bin/rm /etc/abcd
Aug  4 19:55:13 uf3 sudo:     jazu : TTY=pts/0 ; PWD=/home/jazu/tmp ; USER=root ; COMMAND=/usr/bin/tail -n3 /var/log/auth.log

# 7  
Old 08-04-2011
Thanks mate, I really appreciate it.

Didn't know that PATH trick, seems real nice, didn't know it can be used in such a manner.

Regards
Peasant.