[prev in list] [next in list] [prev in thread] [next in thread]
List: sudo-users
Subject: Re: [sudo-users] sudoreplay log logrotated
From: "Todd C. Miller" <Todd.Miller () courtesan ! com>
Date: 2015-07-23 23:09:33
[Download RAW message or body]
On Thu, 23 Jul 2015 13:56:46 -0000, "Fokan,Frederic,NNSA LAUSANNE,Operating Sys
tem" wrote:
> I would like to manage all logs generated using sudoreplay capabilities of
> sudo .
> As you know, all files created using sudo replay are written under
> /var/log/sudo-io/ ... but would like to manage them and logrotate them.
> Do you have any suggestions, recommendations on that specific subject ?
For sudo 1.8.7 and above you can set maxseq in sudoers to the largest
number of I/O logs you want to keep. E.g. given
Defaults maxseq 100
the sequence number would wrap after 100, effectively limiting you
to 100 I/O logs.
Another approach is to use find to remove I/O logs based on the
creation date.
- todd
____________________________________________________________
sudo-users mailing list <sudo-users@sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic