On Thursday 23 June 2011 05:53:15 Dale wrote: > Joost Roeleveld wrote: > > On Wednesday 22 June 2011 18:02:39 Alan McKinnon wrote: > >> But all this was mild compared to what I did yesterday. You know that > >> notice on the console when you get sudo wrong? It says the incident > >> "will be reported" > >> > >> OK. But to whom? On my shell boxes it gets reported to me. And > >> yesterday this is what it said: > >> > >> <host> : Jun 21 11:55:25 :<user> : 1 incorrect password attempt ; > >> TTY=pts/194 ; PWD=/some/path ; USER=root ; COMMAND=init 6 > >> > >> 500 concurrent sessions on that box is routine, it's a major gateway > >> server. That poor user has not recovered yet. > > > > You mean, he (or she) will eventually recover? > > > > Am curious though, why the attempt for a reboot? > > I was curious about that too. I don't use sudo, I'm the only geek in > the chair here, but I don't think I would want to reboot just because my > typing was off.
I do use sudo for some scripts as I don't want the script to have root-access to some of the servers and I definitely don't want to add suid-bits to random programs. At my home, I'm not the only one who knows his/her way around computers. But neither of us would consider it a good idea to simply reboot a machine. > Given what Alan runs and the amount of people it affects, I'm surprised > it is set up that way. Question. You changed that behavior yet Alan? I'm guessing Alan got that because it's not allowed with sudo. If it was, the password-failure wouldn't have been listed. -- Joost
