diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2024-04-23 15:43:08 +0000 |
---|---|---|
committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-04-24 05:43:50 +0000 |
commit | 9865cd931aa80eccb1052cbef9827740a5285488 (patch) | |
tree | 26159cbbf3e50ba0f7f2175023823f286c99721a /src/etc/rsyslog.conf | |
parent | 2ea5aa9b5832a073b4e8d2fcdc7190d01f6a1519 (diff) | |
download | vyos-1x-9865cd931aa80eccb1052cbef9827740a5285488.tar.gz vyos-1x-9865cd931aa80eccb1052cbef9827740a5285488.zip |
T6109: Fix remote logging for sudo commands
This fix for bug when `sudo` commands were not send to the remote
syslog server. They stop before the directive that includes all
configurations `$IncludeConfig /etc/rsyslog.d/*.conf`
(cherry picked from commit 7164ad40f5cc47f35c7903626d4d4da048a25113)
Diffstat (limited to 'src/etc/rsyslog.conf')
-rw-r--r-- | src/etc/rsyslog.conf | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/src/etc/rsyslog.conf b/src/etc/rsyslog.conf index 9781f0835..b3f41acb6 100644 --- a/src/etc/rsyslog.conf +++ b/src/etc/rsyslog.conf @@ -15,21 +15,6 @@ $KLogPath /proc/kmsg #### GLOBAL DIRECTIVES #### ########################### -# The lines below cause all listed daemons/processes to be logged into -# /var/log/auth.log, then drops the message so it does not also go to the -# regular syslog so that messages are not duplicated - -$outchannel auth_log,/var/log/auth.log -if $programname == 'CRON' or - $programname == 'sudo' or - $programname == 'su' - then :omfile:$auth_log - -if $programname == 'CRON' or - $programname == 'sudo' or - $programname == 'su' - then stop - # Use traditional timestamp format. # To enable high precision timestamps, comment out the following line. # A modern-style logfile format similar to TraditionalFileFormat, buth with high-precision timestamps and timezone information @@ -60,6 +45,21 @@ $Umask 0022 # $IncludeConfig /etc/rsyslog.d/*.conf +# The lines below cause all listed daemons/processes to be logged into +# /var/log/auth.log, then drops the message so it does not also go to the +# regular syslog so that messages are not duplicated + +$outchannel auth_log,/var/log/auth.log +if $programname == 'CRON' or + $programname == 'sudo' or + $programname == 'su' + then :omfile:$auth_log + +if $programname == 'CRON' or + $programname == 'sudo' or + $programname == 'su' + then stop + ############### #### RULES #### ############### |