Change syslogging of authorization related commands

For sucessful sudo, just log it at info level. Capture any security failures/changes into /var/log/auth.log but skip normal CLI commands Turn off the builtin sync after each write to /var/log/messages by putting - before file name; the sync causes a disk write each time and therefore can be a performance hit during boot.
author: Stephen Hemminger <stephen.hemminger@vyatta.com> 2008-06-30 16:37:53 -0700
committer: Stephen Hemminger <stephen.hemminger@vyatta.com> 2008-06-30 16:37:53 -0700
commit: f4ad511f3f2c946568e84adfd75b087e4180ad05 (patch)
tree: f4a507cfca295462223a4ce6a8fcba9df8764cde /sysconf
parent: 5c108ca0a31657763cd657eb22253013e04fef5a (diff)
download: vyatta-cfg-system-f4ad511f3f2c946568e84adfd75b087e4180ad05.tar.gz
vyatta-cfg-system-f4ad511f3f2c946568e84adfd75b087e4180ad05.zip
1 files changed, 14 insertions, 2 deletions
diff --git a/sysconf/syslog.conf b/sysconf/syslog.conf
index 4281cfd6..f732affc 100644
--- a/sysconf/syslog.conf
+++ b/sysconf/syslog.conf
@@ -1,2 +1,14 @@
-*.warning	/var/log/messages 
-local7.*	/var/log/messages
+# Standard logfiles by facility
+auth.*;,authpriv.notice	/var/log/auth.log
+
+# Some other (unused) standard entries
+#cron.*			/var/log/cron.log
+#kern.*			-/var/log/kern.log
+#lpr.*			-/var/log/lpr.log
+#mail.*			-/var/log/mail.log
+#user.*			-/var/log/user.log
+
+# Catch-all log file used by CLI
+*.warning;local7.*;\
+	auth,authpriv.none;\
+	cron,daemon.none; -/var/log/messages
author	Stephen Hemminger <stephen.hemminger@vyatta.com>	2008-06-30 16:37:53 -0700
committer	Stephen Hemminger <stephen.hemminger@vyatta.com>	2008-06-30 16:37:53 -0700
commit	f4ad511f3f2c946568e84adfd75b087e4180ad05 (patch)
tree	f4a507cfca295462223a4ce6a8fcba9df8764cde /sysconf
parent	5c108ca0a31657763cd657eb22253013e04fef5a (diff)
download	vyatta-cfg-system-f4ad511f3f2c946568e84adfd75b087e4180ad05.tar.gz vyatta-cfg-system-f4ad511f3f2c946568e84adfd75b087e4180ad05.zip