(Needless to say, this post has an extremely low priority, since it is nothing urgent at all; it’s just that my newly installed openSUSE works so well that I don’t know what the hell to fix).
syslog Syslog facility if syslog is being used for logging (negate to
disable syslog logging). Defaults to auth.
Of course, I’m not sure if this disables all sudo logging or if this can
be specified on one line for a specific rule (this particular command, for
example).
Good luck.
On 02/15/2010 02:16 AM, macedonio wrote:
>
> (I don’t know if this is the correct section for this.)
>
> I am trying a conky with the following line:
>
> Code:
> --------------------
> ${execi 2 sudo /usr/bin/tail /var/log/messages}
> --------------------
>
>
> /usr/bin/tail /var/log/messages has been added to sudoers.
>
> It works fine; the problem is that every call to sudo /usr… conky
> makes is registered in /var/log/messages.
>
> The result, as you can see, is not too nice:
>
> [image: http://img46.imageshack.us/img46/7375/instantnea5.png]
>
> Any ideas?
> Thanks in advance.
>
> (Needless to say, this post has an extremely low priority, since it is
> nothing urgent at all; it’s just that my newly installed openSUSE works
> so well that I don’t know what the hell to fix).
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
That’s exactly what I needed (you would have been justified to tell to RTFM).
However, I can’t get it working. I can’t understand the syntax. I’ll keep looking.
I try to be nice to users in the forums… at least the first time.
Next time I’ll shorten my response.
Please post back what you find. I didn’t have time to find/test the exact
setup so hopefully either you or somebody else can help with that.
Good luck.
On 02/15/2010 04:46 AM, macedonio wrote:
>
> That’s exactly what I needed (you would have been justified to tell to
> RTFM).
> However, I can’t get it working. I can’t understand the syntax. I’ll
> keep looking.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
As far as I can tell this will disable all logging. Now far from knowing but as syslog-ng is handling this I suspect it might be easier to just relog the messages.
Now from googling I found this bug report with what I think is sudo being logged to sudo.log.
## -- define destinations
destination sudo { file("/var/log/sudo.log"); };
## -- create filters
filter f_sudo { program(sudo); };
# Haven't got a clue if this is needed
## -- connect filter and destination (may be order dependant)
log { source(src); filter(f_sudo); destination(sudo);
flags(final); }; # Not sure what this does or if even needed
Perhaps that lot will help. Any way the crux is I think syslog.conf will achieve this whilst still keeping the messages so they’re retrievable. Though you also have a logfile flag from sudoers but I suspect this maybe as well as syslog rather than instead of.
FeatherMonkey:
your trick left me halfway: sudo messages are now being sotred in a separate log, but they have not disappeared from /var/log/messages, so no good.
It’s a good chance to understand syslog, syslog-ng, etc. so I’m looking into it as a toddler with a new toy.