Resolved SECURITY information for <server_name>. Problem with defaults entries ; TTY=unknown

[Manfred Beck]

Server operating system version

AlmaLinux 8.9 (Midnight Oncilla)

Plesk version and microupdate number

18.0.57 Update #3

Once a week I receive tons of mails with:

<server_name> : Dec 12 01:43:20 : <ssh_user_of_domain> : problem with defaults entries ; TTY=unknown ; PWD=/usr/local/psa/admin ; USER=root ;

I presume it comes from VirusTotal Website Check, which I tested weeks ago and then switched it off completely removing also the API-key. Cannot figure out what else can produce this "Unauthorized access to psa / admin folder" error

 

[Peter Debik]

Educated guess:
This error is caused by sudo looking for directives in a place it cannot find them (sss). The settings in the file /etc/nsswitch.conf were the following:

sudoers: sss files

Modify directives in /etc/nsswitch.conf to have only:

sudoers: files

 

[Manfred Beck]

Thank you, I changed the file accordingly and wait a week to see what happens. Btw the .conf file was not touched since 2020.

 

[Manfred Beck]

Dear Peter Debik, thanks, it worked!!!