sudo-users digest, Vol 1 #263 - 4 msgs
Dana Kaempen
decay at flash.net
Thu Dec 6 18:30:24 EST 2001
Todd C. Miller wrote:
> In recent versions of sudo you can do the following:
>
> Defaults logfile=/var/adm/sudo.log
> Defaults:john logfile=/usr/local/log/sudo.john
> Defaults:jane logfile=/usr/local/log/sudo.jane
Well, this does work as requested. Perfectly. But upon testing, it
became clear that I requested the wrong type of logging. I'm actually
interested in logging by the sudo'd user, not the sudoer. All the root
commands I still want logged to the default of /var/adm/sudo.log; but
for specific users that we sudo *into* I'd like to log to a different
file. We may have multiple people su'g into the same couple of users.
We want all the commands that su into a specific (non-root) user to end
up in a log file named for that specific user. I asked the wrong
question yesterday - sorry about that.
Examples:
User Command Desired logfile
==== ======= ===============
john sudo kill 9955 /var/adm/sudo.log
john sudo -u produser job1 /usr/local/log/produser
jane sudo -u tester job755 /usr/local/log/tester
jane sudo qadm -D PrdLJ4 /var/adm/sudo.log
Can this be done?
Thanks again,
Dana
--
..d..ecay
mailto:decay at flash.net
------------------------
"Keep the wheels rolling." - Anonymous traffic prophet
More information about the sudo-users
mailing list