How to avoid getting an alert mail when sudo command is executed by unpriviledged users.

Solution Verified - Updated -

Issue

By default, root user gets an alert email like below when unpriviledged users run sudo command.

[test@localhost ~]$ sudo -E ls
[root@localhost ~]# mail
"/var/spool/mail/root": 1 messages
>   1 test@localhost.local  Thu Jul 26 16:19  17/654   "*** SECURITY information for localhost ***"

& 1
Message  1:
From root@localhost.localdomain  Thu Jul 26 16:19:38 2018
Return-Path: <root@localhost.localdomain>
X-Original-To: root
Delivered-To: root@localhost.localdomain
To: root@localhost.localdomain
From: test@localhost.localdomain
Auto-Submitted: auto-generated
Subject: *** SECURITY information for localhost ***
Date: Thu, 26 Jul 2018 16:19:38 +0900 (JST)
Status: RO

localhost : Jul 26 16:19:38 : test : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/test ; USER=root ; COMMAND=/bin/ls


or On postfix

# postcat /var/spool/postfix/maildrop/<QueuID>
*** ENVELOPE RECORDS /var/spool/postfix/maildrop/QueuID ***
message_arrival_time: Fri MM DD HH:MM:SS YYY
named_attribute: rewrite_context=local
sender_fullname: root
sender: root
*** MESSAGE CONTENTS /var/spool/postfix/maildrop/<QueuID> ***
To: root
From: redhat
Auto-Submitted: auto-generated
Subject: *** SECURITY information for localhost ***

localhost : MM DD HH:MM:SS : redhat : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/redhat ; USER=root ; COMMAND=/bin/ls

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 6

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content