[sudo-workers] limit io logging per source

Todd C. Miller Todd.Miller at courtesan.com
Thu Apr 27 13:59:24 MDT 2017

On Thu, 27 Apr 2017 21:55:31 +0200, Daniele Palumbo wrote:

> Scenario:
> We do have in example cron that runs every minute, collecting 2GB in 2/3
> days.
> This cron has to run as user because in this way we can keep automation
> among users.
> We wish to limit the amount of logs, but we wish to keep all of the
> other logs from this user.
> Is possible to exclude some "source" (like cron) from io logging?

There's not currently any way to apply policy based on the parent
process (in your example, cron).

However, you can disable I/O logging for the particular command(s)
that the user is running via cron.  Just add the NOLOG_OUTPUT tag
to the command in the user's sudoers entry.

 - todd

More information about the sudo-workers mailing list