I copied the sudo.conf file from the doc directory to /etc and still see the ICH408I security message in the log.
I noticed a sudo.conf in the examples directory as well and did a diff (results below).
Should the sudo.conf be used/copied to /etc and if so, which one?
thanks
diff sudo.conf examples/sudo.conf
< Plugin sudoers_policy /etc/sudoers
< Plugin sudoers_io /etc/sudoers
---
> Plugin sudoers_policy sudoers.so
> Plugin sudoers_io sudoers.so
------------------------------
Gary Grossi
IT Director, Z Systems
Alight Solutions
------------------------------
Original Message:
Sent: 06-08-2021 16:44
From: Gary Grossi
Subject: Sudo version 1.8.21p2 on z/OS
Hello Vladimir,
Thanks for taking the time to respond. It's good news that you have reproduced the issue.
Hopefully you can find the root cause.
Let me know if you need more information.
Thanks, Gary
------------------------------
Gary Grossi
IT Director, Z Systems
Alight Solutions
Original Message:
Sent: 06-07-2021 16:44
From: Vladimir Ein
Subject: Sudo version 1.8.21p2 on z/OS
Hello Gary,
Thanks for reporting the issue. You're probably not missing anything. At this point I can't tell for sure what's causing the message to appear; we've successfully recreated it in-house and this will require some research. Please note that we have to prioritize our work for customers that are paying for support, so the research might take some time.
Thanks again,
Vladimir
------------------------------
Vladimir Ein
Rocket Software
Original Message:
Sent: 06-04-2021 17:27
From: Gary Grossi
Subject: Sudo version 1.8.21p2 on z/OS
Just started running sudo with a sudoers file that allows me to run ps -ef to see all USS processes running.
sudo -l
(BPXROOT) NOPASSWD: /bin/ps
After issuing sudo ps -ef, I see the expected output but noticed two of these RACF error messages in the system log.
I wouldn't expect to need READ access to the resource. What am I missing in configuration?
ICH408I USER(xxxxxxxx ) GROUP(xxxxxxxx ) NAME(xxxxxxxx )
BPX.DAEMON CL(FACILITY)
INSUFFICIENT ACCESS AUTHORITY
ACCESS INTENT(READ ) ACCESS ALLOWED(NONE )
thanks
------------------------------
Gary Grossi
IT Director, Z Systems
Alight Solutions
------------------------------