summaryrefslogtreecommitdiff
path: root/debian/vyatta-cfg-system.postinst.in
diff options
context:
space:
mode:
authorStephen Hemminger <stephen.hemminger@vyatta.com>2008-06-30 16:37:53 -0700
committerStephen Hemminger <stephen.hemminger@vyatta.com>2008-06-30 16:37:53 -0700
commitf4ad511f3f2c946568e84adfd75b087e4180ad05 (patch)
treef4a507cfca295462223a4ce6a8fcba9df8764cde /debian/vyatta-cfg-system.postinst.in
parent5c108ca0a31657763cd657eb22253013e04fef5a (diff)
downloadvyatta-cfg-system-f4ad511f3f2c946568e84adfd75b087e4180ad05.tar.gz
vyatta-cfg-system-f4ad511f3f2c946568e84adfd75b087e4180ad05.zip
Change syslogging of authorization related commands
For sucessful sudo, just log it at info level. Capture any security failures/changes into /var/log/auth.log but skip normal CLI commands Turn off the builtin sync after each write to /var/log/messages by putting - before file name; the sync causes a disk write each time and therefore can be a performance hit during boot.
Diffstat (limited to 'debian/vyatta-cfg-system.postinst.in')
-rw-r--r--debian/vyatta-cfg-system.postinst.in7
1 files changed, 7 insertions, 0 deletions
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index 0852319e..8e8b6015 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -57,6 +57,13 @@ EOF
echo -e "\n%users ALL=NOPASSWD: ${bindir}/sudo-users/" >> /etc/sudoers
fi
+ # Reduce logging level of good commands
+ if ! grep -q "^Defaults syslog_goodpri" /etc/sudoers; then
+ echo "\nDefaults syslog_goodpri=info" >>/etc/sudoers
+ fi
+
+ fi
+
# keep env vars
if ! grep -q 'env_keep+=VYATTA_*' /etc/sudoers ; then
echo "Defaults env_keep+=VYATTA_*" >> /etc/sudoers