sudo configuration

Ensure sudo is installed

rpm -q sudo

# Remediation 
dnf install sudo

Ensure sudo commands use pty

grep -Ei '^\s*Defaults\s+(\[^#]+,\s*)?use_pty' /etc/sudoers

# Remediation:
visudo -f /etc/sudoers 
## add 
Defaults use_pty

Ensure sudo log file exists

grep -Ei '^\s*Defaults\s+([^#]+,\s*)?logfile=' /etc/sudoers /etc/sudoers.d/*

# Remediation:
visudo -f /etc/sudoers
Defaults logfile="/var/log/sudo.log"

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.