[sudo-users] sudo_logsrvd configuration

Stefan Johnson tigerphoenixdragon at gmail.com
Thu Jul 22 06:37:28 MDT 2021

I have a sudoers entry that looks like this (for testing purposes)

Defaults log_output, log_servers="fqdn.of.log.server:30343"

When I do "sudo su -" I get:
sudo: error message received from server: invalid ClientMessage
sudo: unexpected child termination condition: 0
sudo: unable to set controlling tty: Input/output error

With the debug rule in place, there is this line:
unable to expand iolog dir
@ create_iolog_path() ./iolog_writer.c:592

Do we need to pre-populate the directory structure?  I thought sudo would
create this for us as needed.



On Mon, Jul 19, 2021 at 3:39 PM Todd C. Miller <Todd.Miller at sudo.ws> wrote:

> Starting out with non-TLS first makes sense.  Your sudo_logsrvd
> config looks reasonable, do you have matching configuration in the
> sudoers file?
> For example:
> Defaults log_output, log_servers=server_hostname
> If you don't log either input or output in sudoers there won't be
> anything for sudo_logsrvd to log.
> You can also enable debugging for sudo_logsrvd in /etc/sudo.conf.
> A line like this will do it:
> Debug sudo_logsrvd /var/log/logsrvd_debug all at debug
>  - todd

More information about the sudo-users mailing list