trouble with syslog and sudo logs
Todd C. Miller
Todd.Miller at courtesan.com
Wed Jan 23 00:49:27 EST 2002
In message <OE16SN2uhoSQD5Y54Qt00012596 at hotmail.com>
so spake "John Hines" (bigjohn_101):
> # $FreeBSD: src/etc/syslog.conf,v 1.13.2.2 2001/02/26 09:26:11 phk Exp $
> #
> # Spaces are NOT valid field separators in this file.
> # Consult the syslog.conf(5) manpage.
> *.err;kern.debug;auth.notice;mail.crit /dev/console
> *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
> security.* /var/log/security
> mail.info /var/log/maillog
> lpr.info /var/log/lpd-errs
> cron.* /var/log/cron
> *.err root
> *.notice;news.err root
> *.alert root
> *.emerg *
> # uncomment this to log all writes to /dev/console to =
> /var/log/console.log
> #console.info /var/log/console.log
> # uncomment this to enable logging of all log messages to =
> /var/log/all.log
> #*.* /var/log/all.log
> # uncomment this to enable logging to a remote loghost named loghost
> #*.* @loghost
> # uncomment these if you're running inn
> # news.crit /var/log/news/news.crit
> # news.err /var/log/news/news.err
> # news.notice =
> /var/log/news/news.notice
> !startslip
> *.* /var/log/slip.log
> !ppp
> *.* /var/log/ppp.log
> # This logs successful and failed sudo attempts to the file =
> /var/log/sudo.log
> local2.debug /var/log/sudo.log
You need to add "local2.none" after the "news.err" in /var/log/messages
line. That will keep sudo messages going to /var/log/messages.
- todd
More information about the sudo-users
mailing list