For server monitoring, we execute couple of commands with password-less sudo
every minute. This fills the server logs.
sudo: zabbix : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/foo/bar
Can I prevent these entries? The options NOLOG_INPUT
and NOLOG_OUTPUT
don't look like what I want.
I don't want to omit sudo
's logging completely, only for the one user and the one (or more) command.
Is there a way to achieve this?
This can be done in the /etc/sudoers file. This line means that any user under the 'sudo' group has a permission to run all of the commands on the server. In order to restric the sudo group to a handfull of commands, you'll need to edit that line. That's it.
sudo allows user to act as root without root login; it is more secure to use sudo instead of logging in as root.
You can disable the logging on a user basis using the Defaults:
directive
example (disabled logging for user bla)
Defaults:bla !syslog
or using a Cmnd_Alias
to disable it per command(s)
Cmnd_Alias SCRIPT = /usr/local/bin/myscript
Defaults!SCRIPT !syslog
# multiple commands need a comma between them
Cmnd_Alias MORE = /bin/ls, /bin/cat
Defaults!MORE !syslog
Tested on Debian 6.0.6 with sudo
version 1.7.4p4
(so rather old ;) )
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With