diff content/Linux/debian-fixing-problem-with-defaults-entries.md @ 91:c9b06b5c9185

add a blog post
author Dirk Olmes <dirk@xanthippe.ping.de>
date Sat, 29 Sep 2018 05:58:33 +0200
parents
children 1d9382b0329b
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/content/Linux/debian-fixing-problem-with-defaults-entries.md	Sat Sep 29 05:58:33 2018 +0200
@@ -0,0 +1,16 @@
+Title: Fixing the dreaded "problem with defaults entries" in debian
+Date: 2018-09-29
+Lang: en
+Tags: Debian
+
+At work we host a number of [Debian](https://www.debian.org/) VMs. Most of them are integrated into the central active directory server using the [sssd](https://packages.debian.org/jessie/utils/sssd) package.
+
+Quite unrelatedly my boss kept nagging me about incoming emails to root that looked like this
+
+	Subject: *** SECURITY information for <host> ***
+
+	<host> : Sep 29 05:45:42 : user : problem with defaults entries ; TTY=pts/0 ; PWD=/home/user ; 
+
+I found the relationship between sssd and the eMails only after some heavy googling: the sssd package modifies `/etc/nsswitch.conf` and adds the sssd as the source for sudoers. 
+
+Since we do not keep that info in active directory anyway the fix is easy - simply remove the sssd config for sudoers and enjoy a quiet life without security emails.
\ No newline at end of file