From owner-freebsd-questions@FreeBSD.ORG Sun Dec 4 17:44:55 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DDFBA106564A for ; Sun, 4 Dec 2011 17:44:55 +0000 (UTC) (envelope-from carlj@peak.org) Received: from redcondor1.peak.org (redcondor1.peak.org [69.59.192.54]) by mx1.freebsd.org (Postfix) with ESMTP id AA94E8FC13 for ; Sun, 4 Dec 2011 17:44:55 +0000 (UTC) Received: from zmail-mta01.peak.org ([207.55.16.111]) by redcondor1.peak.org ({e03e86cd-14ae-47ce-9578-3c080ce9c462}) via TCP (outbound) with ESMTP id 20111204174454967 for ; Sun, 04 Dec 2011 17:44:54 +0000 X-RC-FROM: X-RC-RCPT: Received: from maple.localnet (unknown [207.55.106.132]) by zmail-mta01.peak.org (Postfix) with ESMTPSA id B6DEC4610ED for ; Sun, 4 Dec 2011 09:44:54 -0800 (PST) Received: from oak.localnet (oak.localnet [IPv6:2001:1938:266::6f:616b]) by maple.localnet (Postfix) with ESMTP id 3AECE61F12 for ; Sun, 4 Dec 2011 09:44:53 -0800 (PST) Received: from oak.localnet (localhost.localnet [127.0.0.1]) by oak.localnet (Postfix) with ESMTP id 01357C531 for ; Sun, 4 Dec 2011 09:44:52 -0800 (PST) Received: (from carlj@localhost) by oak.localnet (8.14.4/8.14.4/Submit) id pB4HiqtN034632; Sun, 4 Dec 2011 09:44:52 -0800 (PST) (envelope-from carlj@peak.org) X-Authentication-Warning: oak.localnet: carlj set sender to carlj@peak.org using -f From: Carl Johnson To: freebsd-questions@freebsd.org References: <353504866.20111204053419@yandex.ru> <20111204144145.98dc9726.freebsd@edvax.de> <1234153491.20111204172029@yandex.ru> Mail-Followup-To: freebsd-questions@freebsd.org Date: Sun, 04 Dec 2011 09:44:52 -0800 In-Reply-To: <1234153491.20111204172029@yandex.ru> (=?utf-8?B?ItCa0L7QvdGM?= =?utf-8?B?0LrQvtCyINCV0LLQs9C10L3QuNC5Iidz?= message of "Sun, 4 Dec 2011 17:20:29 +0200") Message-ID: <87ty5gcju3.fsf@oak.localnet> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.2 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: sudo log messages X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Dec 2011 17:44:55 -0000 =D0=9A=D0=BE=D0=BD=D1=8C=D0=BA=D0=BE=D0=B2 =D0=95=D0=B2=D0=B3=D0=B5=D0=BD= =D0=B8=D0=B9 writes: > =D0=97=D0=B4=D1=80=D0=B0=D0=B2=D1=81=D1=82=D0=B2=D1=83=D0=B9=D1=82=D0=B5,= Polytropon. > > =D0=92=D1=8B =D0=BF=D0=B8=D1=81=D0=B0=D0=BB=D0=B8 4 =D0=B4=D0=B5=D0=BA=D0= =B0=D0=B1=D1=80=D1=8F 2011 =D0=B3., 15:41:45: > > P> On Sun, 4 Dec 2011 05:34:19 +0200, =D0=9A=D0=BE=D0=BD=D1=8C=D0=BA=D0= =BE=D0=B2 =D0=95=D0=B2=D0=B3=D0=B5=D0=BD=D0=B8=D0=B9 wrote: >>> Tell me please how to stop sudo to food /var/log/messages? > > P> ADDITION: Of course I meant /usr/local/etc/sutoers, > P> NOT sudo.conf. > > P> Instead of logging via syslog (to /var/log/messages), > P> why not use a specific log file for sudo? Add those > P> lines to the sudoers file: > > P> Defaults logfile=3D/var/log/sudo.log > P> Defaults !syslog > > P> Make sure /var/log/sudo.log exists, and maybe use > P> newsyslog.conf to deal with log rotation and archiving. > P> However, you can easily purge sudo log information > P> this way, if required. > > P> The file /usr/local/share/doc/sudo/sample.sudoers > P> contains an example. > > yes, that is not problem, but I want to control logging in one place > not in each config file of service I have ran on machine. > > I have thought that this > !sudo > *.* /var/log/sudo.log > will take off logging in /var/log/messages but this work as > log to /var/log/messages and to /var/log/sudo.log =3D(( You are not clear about what you really want. If you want it to log to auth.log instead of messages, then you can use the following in your sudoers file: Defaults syslog=3Dauthpriv The sample file that was mentioned earlier is one source for information, but the best source is the sudoers(5) man page. Just search it for syslog and you will find several settings. --=20 Carl Johnson carlj@peak.org