2019-10-24 20:04:31 -06:00
|
|
|
#
|
|
|
|
|
# sudo logsrv configuration
|
|
|
|
|
#
|
|
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
[server]
|
2019-10-24 20:04:32 -06:00
|
|
|
# The host name or IP address and port to listen on. If no port is
|
|
|
|
|
# specified, port 30344 will be used.
|
|
|
|
|
# The following forms are accepted:
|
2019-10-24 20:04:32 -06:00
|
|
|
# listen_address = hostname
|
|
|
|
|
# listen_address = hostname:port
|
|
|
|
|
# listen_address = IPv4_address
|
|
|
|
|
# listen_address = IPv4_address:port
|
|
|
|
|
# listen_address = [IPv6_address]
|
|
|
|
|
# listen_address = [IPv6_address]:port
|
2019-10-24 20:04:32 -06:00
|
|
|
#
|
|
|
|
|
# Multiple listen_address settings may be specified.
|
|
|
|
|
# The default is to listen on all addresses.
|
|
|
|
|
#listen_address = *:30344
|
|
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
[iolog]
|
2019-10-24 20:04:31 -06:00
|
|
|
# The top-level directory to use when constructing the path name for the
|
|
|
|
|
# I/O log directory. The session sequence number, if any, is stored here.
|
2019-10-24 20:04:32 -06:00
|
|
|
#iolog_dir = /var/log/sudo-io
|
2019-10-24 20:04:31 -06:00
|
|
|
|
|
|
|
|
# The path name, relative to iolog_dir, in which to store I/O logs.
|
|
|
|
|
# Note that iolog_file may contain directory components.
|
2019-10-24 20:04:32 -06:00
|
|
|
#iolog_file = %{seq}
|
2019-10-24 20:04:31 -06:00
|
|
|
|
|
|
|
|
# If set, I/O logs will be compressed using zlib. Enabling compression can
|
|
|
|
|
# make it harder to view the logs in real-time as the program is executing.
|
2019-10-24 20:04:32 -06:00
|
|
|
#iolog_compress = false
|
2019-10-24 20:04:31 -06:00
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
# If set, I/O log data is flushed to disk after each write instead of
|
|
|
|
|
# buffering it. This makes it possible to view the logs in real-time
|
|
|
|
|
# as the program is executing but reduces the effectiveness of compression.
|
|
|
|
|
#iolog_flush = true
|
|
|
|
|
|
|
|
|
|
# The group to use when creating new I/O log files and directories.
|
|
|
|
|
# If iolog_group is not set, the primary group-ID of the user specified
|
|
|
|
|
# by iolog_user is used. If neither iolog_group nor iolog_user
|
2019-10-24 20:04:31 -06:00
|
|
|
# are set, I/O log files and directories are created with group-ID 0.
|
|
|
|
|
#iolog_group = wheel
|
|
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
# The user to use when setting the user-ID and group-ID of new I/O log files
|
|
|
|
|
# and directories. If iolog_group is set, it will be used instead of the
|
|
|
|
|
# user's primary group-ID. By default, I/O log files and directories are
|
|
|
|
|
# created with user and group-ID 0.
|
2019-10-24 20:04:31 -06:00
|
|
|
#iolog_user = root
|
|
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
# The file mode to use when creating I/O log files. The file permissions
|
|
|
|
|
# will always include the owner read and write bits, even if they are not
|
|
|
|
|
# present in the specified mode. When creating I/O log directories, search
|
|
|
|
|
# (execute) bits are added to match the read and write bits specified by
|
|
|
|
|
# iolog_mode.
|
2019-10-24 20:04:32 -06:00
|
|
|
#iolog_mode = 0600
|
2019-10-24 20:04:31 -06:00
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
# The maximum sequence number that will be substituted for the "%{seq}"
|
|
|
|
|
# escape in the I/O log file. While the value substituted for "%{seq}"
|
|
|
|
|
# is in base 36, maxseq itself should be expressed in decimal. Values
|
|
|
|
|
# larger than 2176782336 (which corresponds to the base 36 sequence number
|
|
|
|
|
# "ZZZZZZ") will be silently truncated to 2176782336.
|
2019-10-24 20:04:32 -06:00
|
|
|
#maxseq = 2176782336
|
|
|
|
|
|
|
|
|
|
[eventlog]
|
|
|
|
|
# Where to log accept, reject and alert events.
|
|
|
|
|
# Accepted values are syslog, logfile, or none.
|
|
|
|
|
# Defaults to syslog
|
|
|
|
|
#log_type = syslog
|
|
|
|
|
|
|
|
|
|
# Event log format.
|
2019-10-24 20:04:32 -06:00
|
|
|
# Currently only sudo-style event logs are supported.
|
2019-10-24 20:04:32 -06:00
|
|
|
#log_format = sudo
|
|
|
|
|
|
|
|
|
|
[syslog]
|
|
|
|
|
# The maximum length of a syslog payload.
|
|
|
|
|
# On many systems, syslog(3) has a relatively small log buffer.
|
|
|
|
|
# IETF RFC 5424 states that syslog servers must support messages
|
|
|
|
|
# of at least 480 bytes and should support messages up to 2048 bytes.
|
|
|
|
|
# Messages larger than this value will be split into multiple messages.
|
|
|
|
|
#maxlen = 960
|
|
|
|
|
|
|
|
|
|
# The syslog facility to use for event log messages.
|
|
|
|
|
# The following syslog facilities are supported: authpriv (if your OS
|
|
|
|
|
# supports it), auth, daemon, user, local0, local1, local2, local3, local4,
|
|
|
|
|
# local5, local6, and local7.
|
|
|
|
|
#facility = authpriv
|
|
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
# Syslog priority to use for event log accept messages, when the command
|
|
|
|
|
# is allowed by the security policy. The following syslog priorities are
|
|
|
|
|
# supported: alert, crit, debug, emerg, err, info, notice, warning, none.
|
2019-10-24 20:04:32 -06:00
|
|
|
#accept_priority = notice
|
|
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
# Syslog priority to use for event log reject messages, when the command
|
|
|
|
|
# is not allowed by the security policy.
|
2019-10-24 20:04:32 -06:00
|
|
|
#reject_priority = alert
|
|
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
# Syslog priority to use for event log alert messages reported by the client.
|
2019-10-24 20:04:32 -06:00
|
|
|
#alert_priority = alert
|
|
|
|
|
|
|
|
|
|
[logfile]
|
2019-10-24 20:04:32 -06:00
|
|
|
# The path to the file-based event log.
|
|
|
|
|
# This path must be fully-qualified and start with a '/' character.
|
|
|
|
|
#path = /var/log/sudo
|
|
|
|
|
|
2019-10-24 20:04:32 -06:00
|
|
|
# The format string used when formatting the date and time for
|
|
|
|
|
# file-based event logs. Formatting is performed via strftime(3) so
|
|
|
|
|
# any format string supported by that function is allowed.
|
|
|
|
|
#time_format = %h %e %T
|
