Jump to content

How to stop sudo PAM messages in auth.log for a specific user


Miguel

Recommended Posts

Hello 

 

I´m use ARMBIAN 5.65 in OrangePi+ 2E, I have admin user to execute one custom scritp, it uses sudo to run commnads as root, but prints this messages in /var/log/auth.log every few seconds.

Dec  4 17:15:11 ORANGEZN3 sudo:     root : TTY=unknown ; PWD=/home/admin ; USER=root ; COMMAND=/usr/sbin/i2cdetect -y 0
Dec  4 17:15:11 ORANGEZN3 sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Dec  4 17:15:11 ORANGEZN3 sudo: pam_unix(sudo:session): session closed for user root

I have same problem in my raspberry pi 3 and I can stopt this messages with de following code in /etc/pam.d/sudo file

session [success=done default=ignore] pam_succeed_if.so quiet uid = 0 user = root ruser = admin
session    required   pam_env.so readenv=1 user_readenv=0
session    required   pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0

But in ARMBIAN 5.65 not work. do you have any idea about this?

 

Thank you in advance

Link to comment
Share on other sites

10 hours ago, Miguel said:

I´m use ARMBIAN 5.65 in OrangePi+ 2E, I have admin user to execute one custom scritp, it uses sudo to run commnads as root, but prints this messages in /var/log/auth.log every few seconds.

 

Depends - but if this is a script that runs on a period basis, add it to root's crontab, and don't mess with sudo in the first place...

 

The root account is normally disabled on many distro's, but one can enable it by setting a secure password (sudo passwd root)

Link to comment
Share on other sites

 

17 hours ago, sfx2000 said:

 

Depends - but if this is a script that runs on a period basis, add it to root's crontab, and don't mess with sudo in the first place...

 

The root account is normally disabled on many distro's, but one can enable it by setting a secure password (sudo passwd root)

 

Thank you for your help. The script not runs on a period basis, i can not put in crontab. I know that my script not is the correct solution but I can not change it in this moment, I would like remove the messages in auth.log, I don´t understand why my solution works in rasperry pi with raspbian but not in ARMBIAN 5.65 (OrangePi+ 2E).

 

Link to comment
Share on other sites

5 hours ago, Miguel said:

I don´t understand why my solution works in rasperry pi with raspbian but not in ARMBIAN 5.65

 

Armbian is not Raspbian

 

In any event - take a look at /proc/sys/kernel/printk -- that's the settings for what kernel does with logging...

 

the man page - klogctl

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines