How to Stop “sudo” from Sending Emails on Failures in CentOS/RHEL

The Problem

When a sudo command fails a mail is triggered when the messages below appears:

Apr X 04:30:28 XXX2 sudo[12591]: pam_vas: Authentication for user: account:  service: reason: <>
Apr X 04:30:28 XXX2 sudo: rtp : pam_authenticate: Conversation error ; TTY=unknown ; PWD=/home/rtp ; USER=root ; COMMAND=/sbin/ethtool public:2
Apr X 04:30:28 XXX2 sudo: rtp : command not allowed ; TTY=unknown ; PWD=/home/rtp ; USER=root ; COMMAND=/sbin/ethtool public:2

The Solution

The report is being triggered because the user “rtp” is not allowed to run the command “/sbin/ethtool public:2”, and the report is sent as an email to the root user, because CentOS/RHEL will automatically setup an alias for the user directing the mail to the first account created during the installation process, and the first user setup in the system is the user root.

To stop this behaviour, create a file in /etc/sudoers.d/, for example all_cmnds, insert the following line:

Defaults!mail_all_cmnds

and save it.

More information about this command can be found in the man pages for sudo:

mail_all_cmnds
Send mail to the mailto user every time a user attempts to run a command via sudo (this includes sudoedit). 
No mail will be sent if the user runs sudo with the -l or -v option unless there is an authentication error 
and the mail_badpass flag is also set. 
This flag is off by default.

The Problem

The Solution

You May Also Like