[sudo-users] sudoreplay problem
Michael W. Lucas
mwlucas at michaelwlucas.com
Sun Sep 1 18:50:11 MDT 2013
I'm experimenting with sudoreplay using sudo 1.8.7, installed from
source and from FreeBSD packages, on FreeBSD 9.1.
My sudo configuration is very minimal:
Defaults log_output
mwlucas ALL = ALL
It seems to log some sessions:
Sep 1 19:53:42 2013 : mwlucas : TTY=/dev/pts/1 ; CWD=/usr/home/mwlucas ; USER=root ; TSID=000001 ; COMMAND=/usr/bin/passwd
Sep 1 20:04:42 2013 : mwlucas : TTY=/dev/pts/1 ; CWD=/usr/home/mwlucas ; USER=root ; TSID=000002 ; COMMAND=/usr/local/bin/emacs /etc/rc.conf
Sep 1 20:12:26 2013 : mwlucas : TTY=/dev/pts/1 ; CWD=/usr/home/mwlucas ; USER=root ; TSID=000003 ; COMMAND=/usr/local/bin/emacs /etc/test.conf
Sep 1 20:14:53 2013 : mwlucas : TTY=/dev/pts/1 ; CWD=/usr/home/mwlucas ; USER=root ; TSID=000004 ; COMMAND=/bin/tcsh
Sep 1 20:16:37 2013 : mwlucas : TTY=/dev/pts/1 ; CWD=/usr/home/mwlucas ; USER=root ; TSID=000005 ; COMMAND=/bin/sh
And there's files in /var/log/sudo-io.
When I try to replay a session, however, I get no output. One example:
# sudoreplay 000004
Replaying sudo session: /bin/tcsh
<<<long wait, but nothing on the screen>>>
#
Am I misunderstanding something here? Or should I be getting some
other output here?
Thanks,
==ml
--
Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor
http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/
Absolute OpenBSD 2/e - http://www.nostarch.com/openbsd2e
coupon code "ILUVMICHAEL" gets you 30% off & helps me.
More information about the sudo-users
mailing list