[sudo-users] excluding a user from all sudo logging
Peter Smith
Peter.Smith3 at tafensw.edu.au
Thu Sep 12 23:07:45 MDT 2019
-----Original Message-----
From: ed-sudo at s5h.net <sudo-users at sudo.ws>
Sent: 13 September 2019 14:55
To: Peter Smith <Peter.Smith3 at tafensw.edu.au>
Subject: Re: [sudo-users] excluding a user from all sudo logging
On 2019-09-13 04:47+0000, Peter Smith wrote:
> I've tried: Defaults:servicenow !syslog
What does sudo -l -U servicenow give you?
-- Best regards,
Ed
I get:
Matching Defaults entries for servicenow on this host:
!visiblepw, always_set_home, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT
LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY", secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin, !syslog, !log_output, !log_input,
log_output, log_input
User servicenow may run the following commands on this host:
(root) NOPASSWD: /<hidden>
Hmmm. So I guess the latter "log_output, log_input", trumps the previous "!log_output, !log_input" ?
***** The contents of this email and its attachments are confidential and intended solely for the use of the individual or entity to whom they are addressed. *****
More information about the sudo-users
mailing list