Sudoers directive gives an error in Audit mode
When I use the Sudoers directive, I get an error in Audit mode:
sudoersFile The generated sudoers file is invalid. Not updating /etc/sudoers. This should not happen.
I do not have the issue when the node or the global setting is in Enforce mode.
Updated by Alexis Mousset over 6 years ago
- Effort required set to Medium
- Priority changed from 54 to 53
The way the technique currently works is by copying the sudoers file to a temporary file, then editing it, checking it with visudo, and comparing it with the original. We can't easily change the audit mode in a technique because it is hard to reset it to previous value.
Fixing this requires a way to temporarily disabling audit mode in a technique, setting to medium.