[sudo-users] Detecting unused rules

Thomas Mueller thomas at chaschperli.ch
Fri May 26 00:02:06 MDT 2017

Hi all

I just thought a bit about how to detect sudo rules not used (or never
used at all) to cleanup the configured rules. My conclusion is that i
would need some sort of unique rule id to match sudo logs with defined
rules. I tried to google what others do - but my googlefoo failed. :)

Is anybody matching defined rules with effectively used ones to detect
unused rules and if yes, how do you do this now?

- Thomas

More information about the sudo-users mailing list