[sudo-users] Question about logging

Todd C. Miller Todd.Miller at courtesan.com
Fri Sep 30 08:02:24 EDT 2011

On Wed, 28 Sep 2011 14:09:29 +0200, Jocke M wrote:

> I really like the ttyin/ttyout function but is it possible to have the sudo
> commands (included nested, eg "sudo su -") from all sessions and users
> logged in a single file?

Not at this time.  Sudo doesn't have a way to trap attempts to
execute commands in the process being run.  This could conceivably
be done with LD_PRELOAD, though that is not very robust.  A
ptrace-based solution is probably better but the ptrace interface
is inherently non-portable.

Really, though, the point of sudo is to make it possible to run
privileged commands without resorting to a root shell.

 - todd

More information about the sudo-users mailing list