[sudo-users] sudoreplay "best practice" questions

Divan Santana divan at santanas.co.za
Wed Oct 5 02:04:31 MDT 2016

Hi All,

Firstly, apologies for strictly not replying to the same thread, just
same subject. I haven't figured out how to pull down the archives easily
into my mail program.

> If MaxSeq isn't listed in the man page then you need a newer version
> of sudo.

> As another list member mentioned, setting maxseq in sudoers to
> a reasonable value for your system is the simplest solution.
> This is available in sudo 1.8.7 and above.

This sounds useful and interesting.
Weirdly, RHEL 6 and 7 seem to be on 1.8.6.x.

I can't seem to verify how to check a system supports this feature.

Ubuntu 14.04 ships with 1.8.9.

Arch Linux is now on 1.8.18.

I've done the below on 14.04, RHEL 6, 7 and Arch Linux and all return

man sudoreplay|grep -i maxseq
man sudo|grep -i maxseq

Does this mean it's not supported, or how else can I check?

> Another approach is to have a cron job that removes old logs
> when space/inodes starts to get tight.

Yeah, we might have to go this route, which is not ideal. If anyone has
any nice scripts they feel like sharing, let me know. :)

Best regards,

Divan Santana
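
The two approaches quoted in this message, as an added example that is not part of the original post or of sudo: a numeric version check against the 1.8.7 threshold given for maxseq, and a cron-style pruner that deletes the oldest I/O log sessions while disk or inode usage is above a limit. The function names, the /var/log/sudo-io path and the one-"log"-file-per-session layout are assumptions; GNU find and df are required.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU find/df (as on the
# distributions named above) and the default iolog_dir /var/log/sudo-io.

# version_ge HAVE WANT: succeed if HAVE >= WANT, comparing each dotted field
# numerically so 1.8.18 ranks above 1.8.7; a suffix such as "p3" is ignored.
version_ge() {
    awk -v h="${1%%[!0-9.]*}" -v w="${2%%[!0-9.]*}" 'BEGIN {
        n = split(h, a, "."); m = split(w, b, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (a[i] + 0 > b[i] + 0) exit 0
            if (a[i] + 0 < b[i] + 0) exit 1
        }
        exit 0
    }'
}

# The thread gives 1.8.7 as the first release with maxseq.
sudo_has_maxseq() {
    version_ge "$(sudo -V | awk 'NR == 1 { print $NF }')" 1.8.7
}

# usage_pct DIR: higher of block and inode usage (percent) on DIR's filesystem.
usage_pct() {
    { df -P "$1"; df -Pi "$1"; } |
        awk '$5 ~ /^[0-9]+%$/ { if ($5 + 0 > max) max = $5 + 0 } END { print max + 0 }'
}

# prune_iolog DIR LIMIT: delete the oldest recorded sessions (directories that
# hold a "log" file) until usage is at or below LIMIT percent. Prints each
# removed path; the top-level "seq" counter file is left alone.
prune_iolog() {
    [ -d "$1" ] || return 1
    find "$1" -mindepth 2 -type f -name log -printf '%T@ %h\n' |
        sort -n | cut -d' ' -f2- |
    while IFS= read -r session; do
        if [ "$(usage_pct "$1")" -le "$2" ]; then break; fi
        rm -rf -- "$session" && printf '%s\n' "$session"
    done
}

# From a root cron job (hypothetical threshold): prune_iolog /var/log/sudo-io 85
```

Sessions removed this way can no longer be replayed with sudoreplay, so copy them to an archive host before pruning if they serve as audit evidence.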

