I have a line
logger Ok
in my script. When I run it from command line with either of
./myscript.sh
sudo ./myscript.sh
sudo bash ./myscript.sh
it writes in log
Oct 17 22:32:01 d40688 mysqlf: Ok
I.e. it knows my username and doesn't think I am root.
While if I run this script from /var/spool/cron/root it writes
Oct 17 22:32:01 d40688 root: Ok
i.e. it thinks I am a root.
How to simulate latter run from command line?
It's either a bug, or the manpage is wrong. It states that the uid of the controlling terminal is used or the effective uid. It should therefore call geteuid, but doesn't, in fact, it just calls getlogin which returns the uid owner of the terminal. Take your pick.
You don't even need sudo for that.
user$ logger -t root sudo sucks
then
root# journalctl -n1 | cat
-- Journal begins at Mon 2021-09-13 04:01:40 UTC, ends at Sun 2021-10-17 20:15:43 UTC. --
Oct 17 20:15:43 diantre root[1441]: sudo sucks
according to the logger(1) manpage:
-t, --tag tag
Mark every line to be logged with the specified tag. The default tag is the name of the user logged in on the terminal (or a user name based on effective user ID)
now, wth is the "user logged in on the terminal", and how could logger determine it?
$ strace logger t
...
openat(AT_FDCWD, "/proc/self/loginuid", O_RDONLY) = 4
read(4, "2000", 12) = 4
close(4)
... = 0
It's through another undocumented interface in procfs.
getlogin?
sudo ./myscript.sh, temporarily addenv | grep SSHto get a hint. Readman sudo sudoers logger.