Fun with sudoers

As part of our ongoing push to make our servers more secure, the tech department decided to lock down the sudo command on our servers by restricting which users could use it and enabling e-mail alerts for unauthorised access. For those of you who do not know of sudoers, it is the configuration file on all UNIX/Linux systems that controls who can use sudo and how. Note: sudo allows non-root users to run commands as root (admin).

Restricting user access was easy, as there are many useful guides on the net. One of these guides mentioned using visudo to edit the sudoers file, as it allows you to use your default editor and then runs an integrity check before saving, and I highly recommend this.

The fun began when trying to set up e-mail alerts. All the guides and forum posts I had read told me the options I needed but had conflicting syntax. After trying every combination I could think of, I resorted to RTFM and read the man page (the one embedded in Ubuntu 10.x, not the one on the web), which showed the exact syntax as below.

Defaults      mailto=user\@domain.org.au
Defaults      mail_no_user
Defaults      mail_badpass

Every other guide had assumed that I would automatically include the Defaults prefix and neglected to mention it (including the web-based man page), so I spent half a day chasing my tail.

I hope this helps you avoid the same pain.
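
The failure mode described above (mail options written without the Defaults prefix) can be caught before a sudoers file is installed. This is an added example, not code from the original post: the function name check_mail_defaults is hypothetical, the sample file is constructed, and the option names come from sudoers(5).

```shell
#!/bin/sh
# Added example (not from the original post): flag sudoers mail options that
# were written without the "Defaults" prefix. check_mail_defaults is a
# hypothetical helper name; the option names are those listed in sudoers(5).

# Prints one message per bare option line; returns 1 if any were found.
check_mail_defaults() {
    awk '
        /^[ \t]*#/ { next }   # comment lines
        /^[ \t]*$/ { next }   # blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            # First token, cut at whitespace or "=", minus a leading "!" negation.
            name = line
            sub(/[ \t=].*$/, "", name)
            sub(/^!/, "", name)
            if (name ~ /^(mailto|mailfrom|mailsub|mailerpath|mailerflags|mail_always|mail_badpass|mail_no_host|mail_no_perms|mail_no_user)$/) {
                printf "line %d: \"%s\" needs a Defaults prefix\n", NR, line
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: the three options from the post, two missing the prefix.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Defaults      mailto=user\@domain.org.au
mail_no_user
mail_badpass
EOF
check_mail_defaults "$sample" || echo "fix the lines above, then run: visudo -cf <file>"
rm -f "$sample"
```

visudo's own check rejects such a file as a syntax error; this pre-check only names the missing prefix as the cause.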
