Blog: content/Linux/debian-fixing-problem-with-defaults-entries.md annotate

annotate content/Linux/debian-fixing-problem-with-defaults-entries.md @ 107:712e2e9cf8b1

new blog post

author	Dirk Olmes <dirk.olmes@codedo.de>
date	Wed, 16 Jun 2021 16:40:17 +0200
parents	1d9382b0329b
children

rev	line source
91 c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	1 Title: Fixing the dreaded "problem with defaults entries" in debian
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	2 Date: 2018-09-29
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	3 Lang: en
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	4 Tags: Debian
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	5
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	6 At work we host a number of [Debian](https://www.debian.org/) VMs. Most of them are integrated into the central active directory server using the [sssd](https://packages.debian.org/jessie/utils/sssd) package.
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	7
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	8 Quite unrelatedly my boss kept nagging me about incoming emails to root that looked like this
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	9
98 1d9382b0329b Specify the syntax on markdown blocks to avoid broken output that has class=err Dirk Olmes <dirk@xanthippe.ping.de> parents: 91 diff changeset	10 :::shell
91 c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	11 Subject: * SECURITY information for <host> *
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	12
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	13 <host> : Sep 29 05:45:42 : user : problem with defaults entries ; TTY=pts/0 ; PWD=/home/user ;
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	14
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	15 I found the relationship between sssd and the eMails only after some heavy googling: the sssd package modifies `/etc/nsswitch.conf` and adds the sssd as the source for sudoers.
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	16
c9b06b5c9185 add a blog post Dirk Olmes <dirk@xanthippe.ping.de> parents: diff changeset	17 Since we do not keep that info in active directory anyway the fix is easy - simply remove the sssd config for sudoers and enjoy a quiet life without security emails.