Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Suppress log entry for single sudo commands

For server monitoring, we execute couple of commands with password-less sudo every minute. This fills the server logs.

sudo: zabbix : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/foo/bar

Can I prevent these entries? The options NOLOG_INPUT and NOLOG_OUTPUT don't look like what I want.

I don't want to omit sudo's logging completely, only for the one user and the one (or more) command.

Is there a way to achieve this?

like image 423
StephenKing Avatar asked Jan 11 '13 11:01

StephenKing


People also ask

How do I restrict sudo commands?

This can be done in the /etc/sudoers file. This line means that any user under the 'sudo' group has a permission to run all of the commands on the server. In order to restric the sudo group to a handfull of commands, you'll need to edit that line. That's it.

Why do we use the sudo command instead of staying logged in as root?

sudo allows user to act as root without root login; it is more secure to use sudo instead of logging in as root.


1 Answers

You can disable the logging on a user basis using the Defaults: directive

example (disabled logging for user bla)

Defaults:bla !syslog

or using a Cmnd_Alias to disable it per command(s)

Cmnd_Alias SCRIPT = /usr/local/bin/myscript
Defaults!SCRIPT !syslog
# multiple commands need a comma between them
Cmnd_Alias MORE = /bin/ls, /bin/cat
Defaults!MORE !syslog

Tested on Debian 6.0.6 with sudo version 1.7.4p4 (so rather old ;) )

like image 150
dwalter Avatar answered Oct 02 '22 12:10

dwalter