[sudo-users] disable logging successful commands to systemd journal
ilf
ilf at zeromail.org
Wed Nov 30 05:02:14 MST 2016
By default, sudo logs every invocation to system logs.
I would like to disable logging successful commands to systemd journal.
But I would like to *keep* logs about unsuccessful attempts, like
"pam_unix(sudo:auth): authentication failure" and "3 incorrect password
attempts".
Unfortunately, I cannot figure out from man-pages and
/usr/share/doc/sudo/ how to do that.
Searching the archives of this list only show an 11 year old thread to
disable logging of *all* messages generated by a user:
> Defaults>monuser !syslog=local7
https://www.sudo.ws/pipermail/sudo-users/2005-August/002607.html
This "Defaults:user !syslog" is also returned by a websearch:
https://stackoverflow.com/questions/14277116/suppress-log-entry-for-single-sudo-commands
https://unix.stackexchange.com/questions/174257/how-to-disable-sudo-related-logging-for-successful-command-execution-under-cento
But I cannot even find a mention of that "syslog" option in the
documentation, let alone an explanatino of what exactly it does.
Also, it disabling logging for an entire user is not what I would like
to achieve.
So: Does anyone know how to disable logging successful commands (for one
specific user) to systemd journal?
Thanks, and keep up the good work!
--
ilf
Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
-- Eine Initiative des Bundesamtes für Tastaturbenutzung
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://www.sudo.ws/pipermail/sudo-users/attachments/20161130/53caf851/attachment.bin>
More information about the sudo-users
mailing list