LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
Reload this Page correct sudo logging in RedHat
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 02-22-2002, 07:46 AM   #1
sancho5
Member
 
Registered: Jul 2001
Location: Utah
Distribution: RedHat v7.3, OpenBSD 3.3, FreeBSD 5.0
Posts: 327

Rep: Reputation: 30
correct sudo logging in RedHat

Greetz all,

I'm trying to set up sudo to log to /var/log/sudo and have run into the problem that instead of logging only sudo commands, my entire system log is writing to this file. (RH 7.2)

I've added the following lines to the bottom of my /etc/syslog.conf:

!sudo
*.* /var/log/sudo

And then touch'ed the file /var/log/sudo and HUP'd the syslogd.

I've mirrored this config from a BSD box I'm running also, but instead of logging only sudo activity, I'm logging every event in syslog to /var/log/sudo. I susprect that it is because I specified *.* for the events, but like I said, this is mirroring a BSD config that functions correctly. Any hints?
TIA
 
Old 05-07-2004, 08:52 AM   #2
Margie
LQ Newbie
 
Registered: May 2004
Location: Miami
Posts: 1

Rep: Reputation: 0
sudo logging
I work primarily with AIX.

You're right the *.* will pick up all loggins.

You can use the sudoers file (visudo) and add the following entry which will only log sudo commands:

Defaults: log_year, logfile=/var/log/sudo.log

(Use tab to type "log_year,...)

This will log only the current host.

If you want to also log to an alternate host, you can use the /etc/syslog.conf, which is what you're probably using now.

You can read more about it at: www.komar.org/pres/sudo/syslog14.html for syslog.conf entries.

IBM support suggested that you can use "local2.debug" instead of *.* or "local2.info"

I'm trying to get sudo to log using syslogd, but no success - not even with *.*

Hope this helps.




Last edited by Margie; 05-07-2004 at 09:21 AM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Restricting Editing in Sudo (Advanced Sudo Question) LinuxGeek Linux - Software 4 11-04-2006 03:20 PM
sudo logging satinet Linux - Security 4 10-21-2005 05:56 AM
wrong upgrade of glibc . Can i go back to the correct version? RedHat 7.3 enrique-t Red Hat 1 03-06-2004 02:52 PM
Can't login using correct password on RedHat 9 philipacamaniac Linux - Software 8 11-07-2003 10:41 AM
RedHat 8.0 Hangs after logging in linuxgreenie Linux - Newbie 3 08-26-2003 12:00 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 02:58 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration