Control: tags -1 - moreinfo + confirmed thanks On Thu, Feb 03, 2022 at 02:54:24PM +0100, Marc Haber wrote: > On Wed, Feb 02, 2022 at 07:55:07PM +0100, Borden wrote: > > Just reinstalled again, ran a sudo command and got > > > > debian: Feb 2 18:47:09 : borden : problem with defaults entries ; > > TTY=pts/1 ; PWD=/home/borden ; USER=root ; > > > > Delivered to my inbox. I'm not sure if that's a bug problem or a me problem > > I have never seen such a message delivered via e-mail. Is this a strange > syslog configuration, or a container setup? Normally, message like this > end up in auth.log.
Ok, I now understand what you mean, and I can reproduce the issue. Excuse me for being so stupid. The linked Red Hat bugreport was help for me (https://bugzilla.redhat.com/show_bug.cgi?id=879633). You don't need an LDAP server, you don't need sssd running, it is just necessary to install sudo and libsss-sudo and have "sudoers: files sss" in nssswithc.conf. Any sudo call will result in a single e-mail message like this being sent out: | From: Marc Haber <m...@testsid85.zugschlus.de> | Subject: *** SECURITY information for testsid85.zugschlus.de *** | To: r...@testsid85.zugschlus.de | Date: Thu, 03 Feb 2022 16:54:27 +0100 | | testsid85.zugschlus.de : Feb 3 16:54:26 : mh : problem with defaults entries ; TTY=pts/0 ; PWD=/home/mh ; USER=root ; The Red Hat Bug Report links to a patch, https://bugzilla-attachments.redhat.com/attachment.cgi?id=650460, but I am not sure whether this patch makes sense (it only seems to turn off the error exit code in case of sss_error == ENOENT). @Timo, is that a valid solution? I am also bothered by the error text "problem with defaults entries". I have filed upstream bug 1022 (https://bugzilla.sudo.ws/show_bug.cgi?id=1022) for a better error message. Any ideas? Greetings Marc
