Date: Sun, 04 Dec 2011 09:44:52 -0800 From: Carl Johnson <carlj@peak.org> To: freebsd-questions@freebsd.org Subject: Re: sudo log messages Message-ID: <87ty5gcju3.fsf@oak.localnet> In-Reply-To: <1234153491.20111204172029@yandex.ru> (=?utf-8?B?ItCa0L7QvdGM?= =?utf-8?B?0LrQvtCyINCV0LLQs9C10L3QuNC5Iidz?= message of "Sun, 4 Dec 2011 17:20:29 %2B0200") References: <353504866.20111204053419@yandex.ru> <20111204144145.98dc9726.freebsd@edvax.de> <1234153491.20111204172029@yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
=D0=9A=D0=BE=D0=BD=D1=8C=D0=BA=D0=BE=D0=B2 =D0=95=D0=B2=D0=B3=D0=B5=D0=BD= =D0=B8=D0=B9 <kes-kes@yandex.ru> writes: > =D0=97=D0=B4=D1=80=D0=B0=D0=B2=D1=81=D1=82=D0=B2=D1=83=D0=B9=D1=82=D0=B5,= Polytropon. > > =D0=92=D1=8B =D0=BF=D0=B8=D1=81=D0=B0=D0=BB=D0=B8 4 =D0=B4=D0=B5=D0=BA=D0= =B0=D0=B1=D1=80=D1=8F 2011 =D0=B3., 15:41:45: > > P> On Sun, 4 Dec 2011 05:34:19 +0200, =D0=9A=D0=BE=D0=BD=D1=8C=D0=BA=D0= =BE=D0=B2 =D0=95=D0=B2=D0=B3=D0=B5=D0=BD=D0=B8=D0=B9 wrote: >>> Tell me please how to stop sudo to food /var/log/messages? > > P> ADDITION: Of course I meant /usr/local/etc/sutoers, > P> NOT sudo.conf. > > P> Instead of logging via syslog (to /var/log/messages), > P> why not use a specific log file for sudo? Add those > P> lines to the sudoers file: > > P> Defaults logfile=3D/var/log/sudo.log > P> Defaults !syslog > > P> Make sure /var/log/sudo.log exists, and maybe use > P> newsyslog.conf to deal with log rotation and archiving. > P> However, you can easily purge sudo log information > P> this way, if required. > > P> The file /usr/local/share/doc/sudo/sample.sudoers > P> contains an example. > > yes, that is not problem, but I want to control logging in one place > not in each config file of service I have ran on machine. > > I have thought that this > !sudo > *.* /var/log/sudo.log > will take off logging in /var/log/messages but this work as > log to /var/log/messages and to /var/log/sudo.log =3D(( You are not clear about what you really want. If you want it to log to auth.log instead of messages, then you can use the following in your sudoers file: Defaults syslog=3Dauthpriv The sample file that was mentioned earlier is one source for information, but the best source is the sudoers(5) man page. Just search it for syslog and you will find several settings. --=20 Carl Johnson carlj@peak.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87ty5gcju3.fsf>