[sudo-users] Does NOT result in the creation of sudo IO log directories by user name in /var/log/sudo-io as described in the sudoers manual

Simon K k_simon78 at yahoo.com
Fri Sep 28 07:32:29 EDT 2012


________________________________
  

Hi All ,

Machine : HP-UX

Architecture : 11.31

Sudo Version : 1.7.10b1


 
I
have  compiled and installed Sudo version 1.7.10b1 on HP-UX machine  and have observed the following behaviors that I believe
are NOT in keeping with the design of the tool:
 
setting
the following in sudoers:
Defaults
iolog_dir=/var/log/sudo-io/%{user}
 
does
NOT result in the creation of sudo IO log directories by user name in
/var/log/sudo-io as described in the sudoers manual found here: http://www.gratisoft.us/sudo/man/1.8.6/sudoers.man.html
 
iolog_dir
The
top-level directory to use when constructing the path name for the input/output
log directory. Only used if the log_input or log_output options are enabled or when
the LOG_INPUT or LOG_OUTPUT tags are present for a command. The session
sequence number, if any, is stored in the directory. The default is
/var/log/sudo-io.
The
following percent (‘%’) escape sequences are supported:
...
%{user}
expanded
to the invoking user's login name
...
 
As
an example, if a user with the username smitty su's to another username via
sudo with the above setting configured in sudoers, sudo should create a
directory (if it doesn't exist) of /var/log/sudo-io/smitty.  The only
thing that gets created in the /var/log/sudo-io directory is a directory called
%{user}.  If the directory already exists, I would expect sudo would write
log information to it.  The current Sudo implementation does NOT appear
to do either of these things, so I'm wondering if this is a result of some
missing configuration on my part, or if this is an actual known problem with
the Sudo product?  Is there some non-standard setting I need to make
somewhere that will enable this to work properly?
 Please help , waiting for the response.

Thanks & Regards,
Simon K


More information about the sudo-users mailing list