Would it be possible for an email notification to be sent when a normal user logs in to root via the su command?
1 Answers
0
A solution would be creating a script which sends an email and executes a shell:
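    #!/bin/bash
    # Send the notification mail first
    echo "sudo was used" | mail -s "sudo notification" your@mailaddress
    # Replace this process with an interactive shell (root when run via sudo)
    exec bash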
Be sure to protect this script against any access from unprivileged users (see the lower part of this answer)!
Then force privileged user joe to execute the script via restrictive sudo permissions.
An example for /etc/sudoers:
    joe ALL = (root) /absolute/path/to/your/script.sh

Now joe can call sudo /absolute/path/to/your/script.sh and get a root shell while you are notified.
However, be aware that once joe gets the root shell he owns your system, i.e. nothing keeps him from modifying your script, the sudoers file, and so on.
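The answer above asks that the script be protected against access from unprivileged users. The following bash functions are an added example, not part of the original answer: they check that the wrapper and every directory above it are owned by the expected account and not writable by group or others, since write access to any of them lets the script be replaced before sudo runs it as root. The names `check_path` and `audit_wrapper` and the optional `owner` and `top` arguments are assumptions made for this example.

```bash
#!/bin/bash
# Added example: audit a sudo wrapper script before listing it in /etc/sudoers.
# Usage: audit_wrapper /absolute/path/to/your/script.sh [owner] [top]
#   owner  required owner of every path component (default: root)
#   top    directory at which the upward walk stops (default: /)

# Print a finding and return 1 if the path is not owned by the given owner
# or is writable by group or others.
check_path() {
    local path="$1" owner="$2" rc=0
    if [ -z "$(find "$path" -prune -user "$owner" 2>/dev/null)" ]; then
        echo "FAIL: $path is not owned by $owner"; rc=1
    fi
    if [ -n "$(find "$path" -prune \( -perm -020 -o -perm -002 \) 2>/dev/null)" ]; then
        echo "FAIL: $path is writable by group or others"; rc=1
    fi
    return $rc
}

audit_wrapper() {
    local script="$1" owner="${2:-root}" top="${3:-/}" dir rc=0
    case "$script" in
        /*) ;;
        *) echo "FAIL: $script is not an absolute path"; return 1 ;;
    esac
    if [ -L "$script" ] || [ ! -f "$script" ]; then
        echo "FAIL: $script must be a regular file, not a symlink"; return 1
    fi
    check_path "$script" "$owner" || rc=1
    # Anyone who can write to a parent directory can rename it or swap the
    # script, so check every directory from the script up to $top.
    dir=$(cd "$(dirname "$script")" && pwd -P) || return 1
    while :; do
        check_path "$dir" "$owner" || rc=1
        if [ "$dir" = "$top" ] || [ "$dir" = / ]; then break; fi
        dir=$(dirname "$dir")
    done
    return $rc
}

# Run the audit when the file is executed with arguments.
if [ "$#" -gt 0 ]; then audit_wrapper "$@"; fi
```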