7b - Using Sudo at a "Big" company, March/2003 - Alek`s Free Personal Web Pages     [<Prev][TOC][Next>] <=== Navigation Buttons

Sample Sudo Syslog Entries (note last three entries)



Nov 14 18:02:44 HOST1 sudo: ADM1 : TTY=pts/4 ; PWD=/appl/sudo/etc ; USER=root ; COMMAND=/usr/bin/date
Nov 14 18:03:40 HOST2 sudo: ADM1 : TTY=pts/0 ; PWD=/var/adm/syslog ; USER=root ; COMMAND=/usr/bin/vi /etc/syslog.conf
Nov 14 18:04:15 HOST3 sudo: ADM3 : TTY=pty/ttys0 ; PWD=/tmp_mnt/home/ADM3 ; USER=root ; COMMAND=/usr/bin/vi /etc/defaultdomain
Nov 14 18:04:38 HOST4 sudo: ADM1 : TTY=pts/0 ; PWD=/var/adm/syslog ; USER=root ; COMMAND=/etc/reboot
Nov 14 18:28:23 HOST5 sudo: ADM1 : TTY=pts/2 ; PWD=/var/adm ; USER=root ; COMMAND=/usr/sbin/poweroff
Nov 14 18:59:10 HOST6 sudo: ADM1 : TTY=pts/5 ; PWD=/appl/sudo/etc ; USER=root ; COMMAND=/usr/bin/cp sudoers /tmp
Nov 14 18:59:15 HOST7 sudo: ADM1 : TTY=pts/5 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/chmod 777 sudoers
Nov 14 19:01:38 HOST8 sudo: ADM2 : TTY=pts/2 ; PWD=/appl/someapp/bin ; USER=root ; COMMAND=/usr/bin/vi applwrapper

Nov 14 21:33:42 HOST9 sudo: ADM1 : 3 incorrect passwords ; TTY=pts/4 ; PWD=/home/ADM1 ; USER=root ; COMMAND=/usr/bin/date

Nov 14 21:34:02 HOST9 sudo: ADM8 : user NOT in sudoers ; TTY=pts/6 ; PWD=/home/ADM8 ; USER=root ; COMMAND=/usr/bin/date

Nov 14 21:36:53 HOST9 sudo: ADM9 : command not allowed ; TTY=pts/6 ; PWD=/home/ADM9 ; USER=root ; COMMAND=/usr/bin/vi /etc/passwd