Package: sudo
Version: 1.8.27-1+deb10u2
Severity: normal

Dear Maintainer,

My journalctl indicates numerous alerts/1 like "sudo[XXX]: l0f4r0 : a
password is required ; TTY=unknown ; PWD=/home/l0f4r0 ; USER=root ;
COMMAND=/usr/bin/uptime".
Those happen from 1/day up to several times a day, for 2+ months.

I can't be really sure this issue must be dealt with by sudo itself but I
didn't manage to see another correlation with anything else during my
investigation. 2 things are weird:
* this behavior started the same day I upgraded sudo (from
1.8.27-1+deb10u1 to 1.8.27-1+deb10u2) => this is why I'm reporting my
bug here but maybe this is just a coincidence...,
* /usr/bin/uptime doesn't need to be launched with administrative
privilege normally...

I didn't find any useful lead on the internet. Either they tell you to
delete this kind of alerts (?), or to modify /etc/sudoers so NOPASSWD
is required for /usr/bin/uptime, or suggest there is a script somewhere
that uses uptime (my only script in /home/l0f4r0 using uptime is
~/.conkyrc and it can't be that, as I would get hundreds of alerts per
day because of my 3s refreshing, not several only).
Of course, I didn't launch "sudo uptime" manually (hence "TTY=unknown" I
presume)...

-- System Information:
Debian Release: 10.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_USER
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages sudo depends on:
ii  libaudit1       1:2.8.4-3
ii  libc6           2.28-10
ii  libpam-modules  1.3.1-5
ii  libpam0g        1.3.1-5
ii  libselinux1     2.8-1+b1
ii  lsb-base        10.2019051400

sudo recommends no packages.

sudo suggests no packages.

-- Configuration Files:
/etc/sudoers changed:
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt:/snap/bin"
root    ALL=(ALL:ALL) ALL
%sudo   ALL=(ALL:ALL) ALL


-- no debconf information
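
Added example, not part of the original report: one way to tally the "a password is required" entries quoted above by user, TTY and command, and to list the hours and gaps between them so they can be compared with scheduled jobs. It assumes the journal was exported with `journalctl -o short-iso`; the sample lines, host name, PIDs and timestamps are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample (journalctl -o short-iso layout); host, PIDs and times are invented.
SAMPLE = """\
2020-03-01T09:00:01+0100 host sudo[2101]:   l0f4r0 : a password is required ; TTY=unknown ; PWD=/home/l0f4r0 ; USER=root ; COMMAND=/usr/bin/uptime
2020-03-01T15:00:02+0100 host sudo[3477]:   l0f4r0 : a password is required ; TTY=unknown ; PWD=/home/l0f4r0 ; USER=root ; COMMAND=/usr/bin/uptime
2020-03-02T09:00:01+0100 host sudo[1980]:   l0f4r0 : a password is required ; TTY=unknown ; PWD=/home/l0f4r0 ; USER=root ; COMMAND=/usr/bin/uptime
2020-03-02T11:12:40+0100 host sudo[2555]:   l0f4r0 : TTY=pts/0 ; PWD=/home/l0f4r0 ; USER=root ; COMMAND=/usr/bin/apt update
"""

# Only the denial message quoted in the report is matched.
DENIED = re.compile(
    r"^(?P<ts>\S+)\s+\S+\s+sudo\[(?P<pid>\d+)\]:\s+(?P<user>\S+) : "
    r"a password is required ; (?P<fields>.*)$"
)

def parse(line):
    """Return a dict for a 'password is required' line, else None."""
    m = DENIED.match(line)
    if not m:
        return None
    rec = {"ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S%z"),
           "pid": int(m["pid"]), "user": m["user"]}
    # COMMAND is last and may itself contain " ; ", so split at most 3 times.
    for part in m["fields"].split(" ; ", 3):
        key, _, value = part.partition("=")
        rec[key] = value
    return rec

def summarize(text):
    """Group denials by (user, TTY, COMMAND); report count, hours and gaps."""
    groups = defaultdict(list)
    for line in text.splitlines():
        rec = parse(line)
        if rec:
            groups[(rec["user"], rec["TTY"], rec["COMMAND"])].append(rec["ts"])
    report = {}
    for key, stamps in groups.items():
        stamps.sort()
        gaps = [round((b - a).total_seconds() / 3600, 2)
                for a, b in zip(stamps, stamps[1:])]
        report[key] = {"count": len(stamps),
                       "hours": sorted({t.hour for t in stamps}),
                       "gaps_h": gaps}
    return report

if __name__ == "__main__":
    for key, info in summarize(SAMPLE).items():
        print(key, info)
```

Recurring hours or regular gaps in the output suggest a scheduled caller rather than an interactive one, which fits the TTY=unknown field in the logged line.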
