Hi,
Requirement: After a user logs in with sudo, each of the commands executed by the user should be logged either in syslog or a seperate log file.
I checked thru lot of forum posts but could not find a working response.
sudoers file listed below
#########################################
# Host alias specification
# User alias specification
# Cmnd alias specification
# Defaults specification
Defaults logfile=/var/run/sudo/sudo.log
# Runas alias specification
# User privilege specification
root ALL=(ALL) SETENV: ALL
# Uncomment to allow people in group wheel to run all commands
# and set environment variables.
# %wheel ALL=(ALL) SETENV: ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: SETENV: ALL
# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now
stony bkpsvr=/usr/bin/rlogin,/usr/lbin/remshd,/usr/sbin/cmviewcl, /usr/sbin/cmviewcl -v, /usr/sbin/dmesg, /usr/sbin/vxdmpadm listctlr all, /
usr/sbin/sam, /usr/sbin/swinstall, /opt/contrib/bin/nickel, /usr/bin/gsp, /sbin/ioscan, /opt/ignite/bin/make_tape_recovery
############################################
contents of the log file generate /var/run/sudo/sudo.log
###########################################
root@bkpsvr#cat /var/run/sudo/sudo.log
May 25 12:52:12 : stony : HOST=bkpsvr : TTY=pts/tb ; PWD=/home/stony ; USER=root
; COMMAND=/usr/bin/rlogin bkpsvr
May 25 13:07:26 : hpce : HOST=bkpsvr : TTY=pts/1 ; PWD=/home/stony ; USER=root
; COMMAND=/bin/rlogin bkpsvr
###########################################
The log file only lists the timestamp when I tried to run a command.
What I want sudo is to tell me, what command was executed eg cmviewcl / swlist etc.
What option should be included to enable detailed logging.
Thanks.
