[sudo-users] sudo_logsrvd configuration
Stefan Johnson
tigerphoenixdragon at gmail.com
Thu Jul 22 06:37:28 MDT 2021
I have a sudoers entry that looks like this (for testing purposes)
Defaults log_output, log_servers="fqdn.of.log.server:30343"
%wheel ALL=(ALL) NOPASSWD: ALL
When I do "sudo su -" I get:
sudo: error message received from server: invalid ClientMessage
sudo: unexpected child termination condition: 0
sudo: unable to set controlling tty: Input/output error
With the debug rule in place, there is this line:
unable to expand iolog dir
/%Y/%m/%d/%H%M/%{hostname}/%s_u_%{user}_g_%{group}_ru_%{runas_user}_rg_%{runas_group}_c_%{command}_XXXXXX
@ create_iolog_path() ./iolog_writer.c:592
Do we need to pre-populate the directory structure? I thought sudo would
create this for us as needed.
Thanks!
Stefan
On Mon, Jul 19, 2021 at 3:39 PM Todd C. Miller <Todd.Miller at sudo.ws> wrote:
> Starting out with non-TLS first makes sense. Your sudo_logsrvd
> config looks reasonable, do you have matching configuration in the
> sudoers file?
>
> For example:
>
> Defaults log_output, log_servers=server_hostname
>
> If you don't log either input or output in sudoers there won't be
> anything for sudo_logsrvd to log.
>
> You can also enable debugging for sudo_logsrvd in /etc/sudo.conf.
> A line like this will do it:
>
> Debug sudo_logsrvd /var/log/logsrvd_debug all at debug
>
> - todd
>
More information about the sudo-users
mailing list