13

sudo: blocking specific commands

view full story
linux-howto

http://www.unix.com – Hello all, I manage some HP-UX 11.31 servers. I have some users that have sudo access. All of them belong to the 'sudoers' user group. Right now, sudo is configured as wide open: %sudoers ALL=(ALL) ALL We are using sudo mostly for auditing purposes - when a user wants to run a privileged command, I want to see exactly what they are doing in syslog. I have some sneaky users however who are running '/usr/sbin/smh' and also just 'su -' to gain a root shell. I don't like this because I cannot see what they're doing. What lines can I add to the /etc/sudoers file to block this group from ru (HowTos)