Using the sudo command got me reported!

Discussion in 'Mac Basics and Help' started by thewhitehart, May 24, 2007.

  1. thewhitehart macrumors 6502a

    thewhitehart

    Joined:
    Jul 9, 2005
    Location:
    The town without George Bailey
    #1
    For any of you advanced unix users out there -

    I tried to use the "sudo periodic daily weekly monthly" command under my standard user account. It asked for my user's password after warning me about the consequences of the "sudo" command. I typed in my standard user password, and this is what I got.

    "user john is not a sudoer. This incident will be reported"

    Reported to whom?! :p

    Where does it store the info that I attempted to run the "sudo" command?
     
  2. dops7107 macrumors 6502a

    dops7107

    Joined:
    Mar 19, 2005
    Location:
    Perth, Oztrailya
    #2
    It goes straight to the very top of the chain of command. I'd be extremely careful how you behave from now on. :p
     
  3. balamw Moderator

    balamw

    Staff Member

    Joined:
    Aug 16, 2005
    Location:
    New England
    #3
    It goes on your permanent record like all the bad choices you made as a kid.









    Actually, it just goes to a log file so a real sudoer can see if someone has been trying to mess with this machine.


    B
     
  4. Queso macrumors G4

    Joined:
    Mar 4, 2006
    #4
    Well, normally I'd expect it to go into the /var/log/auth.log, but taking a peek in the Terminal it doesn't appear OSX has one of those :)

    So in this case it looks like the message remains from the original UNIX source code but the report itself goes nowhere. Unless anyone else can track the trail and find its final resting place.
     
  5. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #5
    I thought it would go in the form of a system mail message (that you access using "mail"), but it doesn't seem to be the case. Unless it shows up in that form when you login as root?
     
  6. iMeowbot macrumors G3

    iMeowbot

    Joined:
    Aug 30, 2003
    #6
    On the Mac, it's stored in both /var/log/asl.log and /var/log/system.log
     
  7. epochblue macrumors 68000

    epochblue

    Joined:
    Aug 12, 2005
    Location:
    Nashville, TN
    #7
    Reported just to the admin of the system...no biggie. Definitely not reported to anyone of note (not to impugn you, mind you).
     
  8. Shadow macrumors 68000

    Shadow

    Joined:
    Feb 17, 2006
    Location:
    Keele, United Kingdom
    #8
    Yeah, I heard all this kinda stuff goes to Mad Jews post count :D
     
  9. MagicUK macrumors regular

    MagicUK

    Joined:
    May 12, 2007
    Location:
    Hampshire, England
    #9
    No doubt Homeland security has been informed. What size orange jump suit would you like :D.

    Dam forgot they can extradite us UK bod's. I take it all back Mr Bush Sir.
     
  10. jeremy.king macrumors 603

    jeremy.king

    Joined:
    Jul 23, 2002
    Location:
    Fuquay Varina, NC
    #10
    I just got an email saying John was trying to sudo when he shouldn't be :confused:
     
  11. MacsRgr8 macrumors 604

    MacsRgr8

    Joined:
    Sep 8, 2002
    Location:
    The Netherlands
    #11
    If you're working for the CIA, that's what you should expect. :cool:
     
  12. FrankBlack macrumors 6502

    FrankBlack

    Joined:
    Dec 28, 2005
    Location:
    Looking for Lucy Butler
    #12
    You can read all the system and security logs in the console application. It's in Applications/Utilities.

    No need to panic. There won't be any black helicopters over your house, and no guys who look like agents of the Matrix out to get you. Your use of Sudo as a non-admin just gets logged, that's all.

    I've worked in some companies where the IT departments are indeed run like little Fiefdoms, and mere mortals aren't allowed to do much of anything.
     

Share This Page