BradV has asked for the wisdom of the Perl Monks concerning the following question:

I have a Big Brother perl script which reads the system auth log to generate a report. I have put the full path to the perl script in the sudoers file and have Big Brother configured to run a bash script. That bash script simply has the entry:

sudo /usr/local/bbuser/ext/bb-audit.pl

This works fine under Linux since the whole perl script is getting executed with elevated privileges. Solaris, on the other hand, does not like it and barfs when I try to open the log file. I have in the perl script:

if ( `uname -s` eq "SunOS" ) {
   $file="/var/log/authlog"
} else {
   $file="/var/log/secure"
}
my $fh=IO::File->new($file, O_RDONLY) or die 'Could not open file ', $
+file, ": $!";

[download]

Solaris 10 continually fails with:

Could not open file /var/log/authlog: Permission denied at /usr/local/bbuser/ext/bb-audit.pl line 96.

Line 96 is the IO::File->new line. Any thoughts on how to make this work under Solaris?

Replies are listed 'Best First'.
Re: sudo setting to read auth log
by JavaFan (Canon) on Apr 16, 2012 at 10:51 UTC
    What's the permission of /var/log/authlog? What happens if you run this when logged in as root? How does your sudo config look like? Are you using any ACL on the file? Are there any OS level roles that come in play?
[reply]

      The permission is 600. Running it as root works fine. I have in /etc/sudoers:

      Host_Alias   THIS=thishost
User_Alias   BB=bbuser
Cmnd_Alias   BB_C=/usr/local/bbuser/ext/bb-audit.pl, /usr/bin/perl
BB  THIS=NOPASSWD:BB_C

      [download]

      No ACL or roles are involved.

      The bash script just runs

      sudo /usr/local/bbuser/ext/bb-audit.pl

      I've even tried putting in "/usr/bin/perl" after the sudo. It still fails when trying to open the log file. Doing a sudo -l as the bbuser does show that bbuser can run as root those commands above. So, I don't believe it is an "error" in sudo.

[reply]
[d/l]
[select]
        Then I don't know; my Solaris knowledge is too rusty. It doesn't look like a Perl problem though -- perhaps you're better off asking the question in a Solaris forum.
[reply]

Back to Seekers of Perl Wisdom