LinuxQuestions.org

LinuxQuestions.org (http://www.linuxquestions.org/questions/index.php)
-   Linux - General (http://www.linuxquestions.org/questions/forumdisplay.php?f=1)
-   -   How to enable sudo users execute commands by Logs su - (http://www.linuxquestions.org/questions/showthread.php?t=4175437731)

arun5002 11-18-2012 07:26 PM

How to enable sudo users execute commands by Logs su -
 
Hi,
Im running Ubuntu 10.04 Lucid .I had enabled Administrator(sudo) Priviledge for few users.How can i Log the history & Commands executed by Sudo users.Whether its possible .Any help to find out the answer .

bigrigdriver 11-18-2012 10:09 PM

Excerpt from "Quick HOWTO : Ch09 : Linux Users and Sudo" found here.
Quote:

You can view a comprehensive list of /etc/sudoers file options by issuing the command man sudoers.
Using syslog To Track All sudo Commands

All sudo commands are logged in the log file /var/log/messages which can be very helpful in determining how user error may have contributed to a problem. All the sudo log entries have the word sudo in them, so you can easily get a thread of commands used by using the grep command to selectively filter the output accordingly.

Here is sample output from a user bob failing to enter their correct sudo password when issuing a command, immediately followed by the successful execution of the command /bin/more sudoers.
[root@bigboy tmp]# grep sudo /var/log/messages
Nov 18 22:50:30 bigboy sudo(pam_unix)[26812]: authentication failure; logname=bob uid=0 euid=0 tty=pts/0 ruser= rhost= user=bob
Nov 18 22:51:25 bigboy sudo: bob : TTY=pts/0 ; PWD=/etc ; USER=root ; COMMAND=/bin/more sudoers
[root@bigboy tmp]#


All times are GMT -5. The time now is 11:54 PM.