You are not logged in.
Pages: 1
Topic closed
Hi. I just tried a sudo command while logged in as a user that is not on the list. I got a message saying
"username is not in the sudoers file. This incident will be reported".
I'm just wondering WHERE this incident will be reported. Is there some log file maybe?
Thanks.
Last edited by Pacopag (2012-09-14 14:17:44)
Offline
Hi. I just tried a sudo command while logged in as a user that is not on the list. I got a message saying
"username is not in the sudoers file. This incident will be reported".
I'm just wondering WHERE this incident will be reported. Is there some log file maybe?
Thanks.
If you want to add yourself into the sudoers so that you can use the sudo command, you can use the TTY and login as root. While as root open the file /etc/sudoers with your text editor (like nano) and this line:
USER_NAME ALL=(ALL) ALL
Where USER_NAME is the username of the account you want to allow to have access to the sudo command.
Offline
By default, I think it writes a report about unauthorized users to syslog (or can, if it's enabled in syslog.conf). I'm not sure about journalctl. I've always just ignored it, since I'm the only user on this PC.
Offline
Maybe auth.log? Not sure though.
CLI Paste | How To Ask Questions
Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L
Offline
Last I checked, it sent mail to root, checkable via the 'mail' command.
Offline
Reminds me of http://xkcd.com/838/
I never really bothered to find out, just assumed it got logged by syslog. Sending mail to root makes sense as well, if that has been configured on your system (most single-user systems wouldn't).
Allan-Volunteer on the (topic being discussed) mailn lists. You never get the people who matters attention on the forums.
jasonwryan-Installing Arch is a measure of your literacy. Maintaining Arch is a measure of your diligence. Contributing to Arch is a measure of your competence.
Griemak-Bleeding edge, not bleeding flat. Edge denotes falls will occur from time to time. Bring your own parachute.
Offline
You could check in auth.log (or journalctl if you're running systemd)
Offline
Thanks for your replies. I checked all the places everyone mentioned, except journalctl because I couldn't figure out how. I only found a binary with that name, which I ran as root and it returned nothing.
The only place I found anything was in auth.log, just a couple of lines about the user not being a sudoer. Thanks to all. My curiosity is sated.
Offline
Yes, auth.log is the place to check regularly for incidents like this. Additionally it is (should be) possible to get informed by mail.
Please don't forget to mark this thread as [SOLVED].
To know or not to know ...
... the questions remain forever.
Offline
Pacopag wrote:Hi. I just tried a sudo command while logged in as a user that is not on the list. I got a message saying
"username is not in the sudoers file. This incident will be reported".
I'm just wondering WHERE this incident will be reported. Is there some log file maybe?
Thanks.
If you want to add yourself into the sudoers so that you can use the sudo command, you can use the TTY and login as root. While as root open the file /etc/sudoers with your text editor (like nano) and this line:
USER_NAME ALL=(ALL) ALL
Where USER_NAME is the username of the account you want to allow to have access to the sudo command.
Ack, I'm really sorry for bumping such an old thread and all that, but please, please, please never do what this person suggests. Never edit /etc/sudoers with a standard text editor. Always use visudo to edit the sudoers file, or you could be in serious trouble.
Offline
rh995 Final warning: next time you disregard the Forum Etiquette, you can expect a vacation.
Closing
Offline
Pages: 1
Topic closed