conky and /var/log/messages

(I don’t know if this is the correct section for this.)

I am trying a conky with the following line:

${execi 2 sudo /usr/bin/tail /var/log/messages}

/usr/bin/tail /var/log/messages has been added to sudoers.

It works fine; the problem is that every call to sudo /usr… conky makes is registered in /var/log/messages.

The result, as you can see, is not too nice:

http://img46.imageshack.us/img46/7375/instantnea5.png

Any ideas?
Thanks in advance.

(Needless to say, this post has an extremely low priority, since it is nothing urgent at all; it’s just that my newly installed openSUSE works so well that I don’t know what the hell to fix).

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

man sudoers

I see the following in there:

syslog Syslog facility if syslog is being used for logging (negate to
disable syslog logging). Defaults to auth.

Of course, I’m not sure if this disables all sudo logging or if this can
be specified on one line for a specific rule (this particular command, for
example).

Good luck.

On 02/15/2010 02:16 AM, macedonio wrote:
>
> (I don’t know if this is the correct section for this.)
>
> I am trying a conky with the following line:
>
> Code:
> --------------------
> ${execi 2 sudo /usr/bin/tail /var/log/messages}
> --------------------
>
>
> /usr/bin/tail /var/log/messages has been added to sudoers.
>
> It works fine; the problem is that every call to sudo /usr… conky
> makes is registered in /var/log/messages.
>
> The result, as you can see, is not too nice:
>
> [image: http://img46.imageshack.us/img46/7375/instantnea5.png]
>
> Any ideas?
> Thanks in advance.
>
> (Needless to say, this post has an extremely low priority, since it is
> nothing urgent at all; it’s just that my newly installed openSUSE works
> so well that I don’t know what the hell to fix).
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLeRUzAAoJEF+XTK08PnB5UnEP/Rb8+tkbziNzbXLouaO0KtJR
kzCXQ4pNVGUZu0GyzklIKvEcVdXBJVpnjNN5TwtNm797Q2hksaJw8hc4wQ8n43O5
f6HPCgDEeK0TioVX8qU7ddxp2lKYJFWPCIkG+zFre/ZDd8CPVFWyhiWJxbRcp5iy
650aUg+0aiPZbKXLwT/bw8UhF61N4f/OFu4m4RaDneP2kFggn4arXyG8uXf+6iZn
eY5wzuVOwHWPgI5PDBRvhyz+wDW624uK1sZ9Hh+bEmbSfJpRbUlyeahzFQXvhpo1
1Vib8OLeRFGBjf01ycPaFkafDHAsD4hEvkOg8lPnctw7qfdzOBhfxBwZ/pXFLRkw
mNjl2ktFmIjuuSG+/mZldLe2AC//uI1vyYgN0rs/OYBuYOKnNBdHbcx8ySEwNGLS
zTSgj2ulqBDyhG9ZxhxVEwLtIal4/LP/B/c8W0fZrM2oAuQMmYhIwlOqTA1x9E8k
aHf62rc8vEN8zbCHSzOg0psc3iOseox+zyhnCpq3+l3KAyvZxS1s3OBZYZQAbiFc
fuBubQVGTvFjyumRjLqfFwEljXoT84l9EPwzYvyaMA5ghulyddXuUhUlWWQnqpBC
E9afp5zVXe1kufW9QEylWiY6p1rOi1FDTHbP5qLhMHIkpMrZf5PR8YCt9a6Xtmoq
p38ttI3LMBHlviuDGeO8
=s4lU
-----END PGP SIGNATURE-----

That’s exactly what I needed (you would have been justified to tell to RTFM).
However, I can’t get it working. I can’t understand the syntax. I’ll keep looking.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I try to be nice to users in the forums… at least the first time.
Next time I’ll shorten my response. :slight_smile:

Please post back what you find. I didn’t have time to find/test the exact
setup so hopefully either you or somebody else can help with that.

Good luck.

On 02/15/2010 04:46 AM, macedonio wrote:
>
> That’s exactly what I needed (you would have been justified to tell to
> RTFM).
> However, I can’t get it working. I can’t understand the syntax. I’ll
> keep looking.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLeTfHAAoJEF+XTK08PnB5tjQP/3lMuUSbTuIzSIwFKuk5CjKs
lbcfc5mAYeGiF4Qo1z7jjBayWycnmRfieElmcpIZ9tCZTEOjpRybEQnqrMXFca5P
N5e0jtpNtp2hgz+5hfmRwC+VvArKgCCS6H7+qZp/OSieNG1Fk3NovSpnFlSde4Zs
F3NPoAt0txwTmmH4sDFGUoesP8vyKGg//C1WhsgaGFHhfsyn/7EtIiL9BoRg+KXX
f5jKMMdnJaXyVrkcolgWVzAeRGKSXI2lCrfSHr98uGGrGDlGYxYkGDzJ802V9GNG
1MdGRePz6NWTFOskN2g2BE8ptaDRJchQRnRGfVLJQVv4nQU3aig5CLAZiWoO6wii
NA5yg+XE3Wdtao9csauP94afBP+dCjs9jnaiy/5lG9YK7H1Oapx0SG8xZeh38ldo
5xnvudT0+PYq6b0dHcI5Xzy5ZqvdTkTQ+/5cD7JCfMYGav0e505IHB3YQUXHAyXW
dAYx3i8VIWqRbSg0MJWWkhX4z3ONsnyvx30LfaLEtrep9OWbYqi430RRAXcJJ+lF
/EUAng4tOiEufWQcAw17SJksf91IOZDsT5v9wgB0JNNg2lbb43+IW5ne16qfwGg9
CvbxqHHSmc/Hb3SKccAN9OH+FC8Kl54u7FlDIivqa5eK4yVR7f22Bc95+menYdrH
EORAhgJQpmpQQUQcxJdb
=ZR8A
-----END PGP SIGNATURE-----

As far as I can tell this will disable all logging. Now far from knowing but as syslog-ng is handling this I suspect it might be easier to just relog the messages.

Now from googling I found this bug report with what I think is sudo being logged to sudo.log.

## -- define destinations
destination sudo        { file("/var/log/sudo.log");  };

## -- create filters
filter f_sudo        { program(sudo);                  };

# Haven't got a clue if this is needed
## -- connect filter and destination (may be order dependant)
log { source(src);     filter(f_sudo);           destination(sudo);      
flags(final);  }; # Not sure what this does or if even needed

Gentoo Bug 228601 - In syslog-ng-2.0.9, mark_freq(0) does not disable --MARK-- messages in the log

Perhaps that lot will help. Any way the crux is I think syslog.conf will achieve this whilst still keeping the messages so they’re retrievable. Though you also have a logfile flag from sudoers but I suspect this maybe as well as syslog rather than instead of.

FeatherMonkey:
your trick left me halfway: sudo messages are now being sotred in a separate log, but they have not disappeared from /var/log/messages, so no good.

It’s a good chance to understand syslog, syslog-ng, etc. so I’m looking into it as a toddler with a new toy.

ab@novell.com:

I haven’t figured out the syntax of the conf file yet.

Thankyouall.

Will Linux ever cease to amaze me?
Will my brain ever cease to amaze me with its blindness?

sudo /usr/bin/tail /var/log/messages | grep **--invert-match** "sudo"

(I didn’t even know grep could do that!)

conky -c messages.conf & >/dev/null

VOILA!!!

Thank you wonderful people.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Just as a note, ‘-v’ is the shorter switch for inverting matching…
pretty useful switch.

Good luck.

On 02/15/2010 10:46 AM, macedonio wrote:
>
> Will Linux ever cease to amaze me?
> Will my brain ever cease to amaze me with its blindness?
>
>
> Code:
> --------------------
> sudo /usr/bin/tail /var/log/messages | grep –invert-match “sudo”
> --------------------
>
>
> (I didn’t even know grep could do that!)
>
>
> Code:
> --------------------
> conky -c messages.conf & >/dev/null
> --------------------
>
>
> VOILA!!!
>
> Thank you wonderful people.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLeYiPAAoJEF+XTK08PnB5NFUP/Rbs6HejqayJD48TK7vsyliq
jom1AHBqFAq7j4DfboaAaxTiZ6J93Rfo51+ZZ6wJWA7gYhY+wUifzotlIHlIKynR
dtSVISvGbQiURWjSUod7sjOOM2WxtGDGEIMqVVUwRR4m/zCKfqtafvo7MgjGqAT/
H+s5nBTdSLRe/Pru1YCA4yj4deNI7WSNVoLwHamwWBDV6M0CB7cPZ6LsJYYE5Ht9
wviEPQ07o7jyfzrdMUwytCGgx37uMMJ7hioO/DpgZ7EoIXkApjA90/bzgOFG7ZTL
9EXlbFuFqNI47qx5gqW3Iz62Lka7RaNy4wT0GSTIsKoER9p+VqLDTC5QZ0yzFXC5
DZqR8dfP5tP2KDRNSLwFxYaE5rdr4rgjlkwb4hPAFet70nkMAgq+KEp95op8CzOc
+DAfFP7pGYpUUPy28OJqRb6NW4FEkfB5B6hYOOMSPqPhteAuYaGkfpLewNLdb4c0
CU24vvbUqPfRRLAgv00c4nbxfEX1VmHTMFYREm/OVRDdRa9eFshAfgBOjED9wQE8
i3crEp2VFfMm4tYtkJ53PdkQfXcEboKcl/Dac41nRkOIzPzvnogUSHfgqhpPcRJq
fU1+wTDhbeOkASXvL5ZTWyd2ltohi4x5+1t5hhnMGUhkyggDWlRLKGjKrNWkP6Tp
iVM4FEQOym9R2WaJ8i3S
=iZnK
-----END PGP SIGNATURE-----