I have sudo configured on the servers around our office to send me
administrative notes when someone invokes sudo without having
permission to do so.
So I get a message (where YYYYYY is the server name and ZZZZZZ is the
username):
YYYYYY: Aug 23 15:41:32 : ZZZZZZ : user NOT in sudoers ;
TTY=pts/1 ; PWD=/home/ZZZZZZ ; USER=root ; COMMAND=/bin/ls
sudo let the user in question that his activity would be recorded and
reported, so just a few seconds later I get another warning:
YYYYYY: Aug 23 15:41:46 : ZZZZZZ : user NOT in sudoers ; TTY=pts/1 ;
PWD=/home/ZZZZZZ ; USER=root ; COMMAND=/bin/echo Just checking
:-)
--
Paul Heinlein
[email protected]
45°38' N, 122°6' W
---------- Forwarded message ----------
Date: Thu, 23 Aug 2012 15:41:47 -0700
From: [email protected]
To: [email protected]
Subject: *** SECURITY information for gibson.galois.com ***
_______________________________________________
PLUG mailing list
[email protected]
http://lists.pdxlinux.org/mailman/listinfo/plug
