sudo and sylogd logging

Ed Grimm eman at
Sun May 23 07:57:58 EDT 2004

On Fri, 7 May 2004, Martinez, Margie (ETSD) wrote:

> I've installed "sudo" using rpm on an AIX 5.2 machine.  I'm having trouble
> getting it to log using syslogd.  I can get it to log using the sudoers
> file, but prefer not to because the sudoers file is not secure and also I'd
> like to log to an alternate host.
> I've set up the syslog.conf file and it does pick up other things like when
> a user su's or running "refresh -s syslogd", but it does not pickup when
> someone issues a "sudo" command.  I even got it to log into an alternate
> host file.
> It seems like syslogd does not acknowledge "sudo"
> In my syslog.conf file I entered:
> *.*         /var/adm/sudolog

I don't think your log priority specification is correct for AIX's
syslogd.  I think you need to use 'debug' instead (which should log
everything that's debug or higher, aka everything.).

Typically, proprietary unix systems don't understand the * for priority.

If you've installed a freeware or Open Source syslogd, this does not
apply.  Also, given that you're actually telling it to log *everything*
to that file, you can tell if this is the correct answer by what is
making it into the file - if anything is being written by syslogd into
that file, then I'm wrong.


More information about the sudo-workers mailing list