From 24b1d246373a0def45a6e6ba1b0ecabe19fe1d58 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Sun, 1 Dec 2024 12:44:10 +0100 Subject: sudo: T6926: remove spam messages to syslog Right now every command that's executed via op-mode/conf-mode is logged with a session entry/exit and command execution into syslog. sudo[1082396]: vyos : TTY=pts/1 ; PWD=/home/vyos ; USER=root ; COMMAND=/usr/bin/mv /tmp/config.boot.1082388 /opt/vyatta/etc/config/archive/config.boot sudo[1082396]: pam_unix(sudo:session): session opened for user root(uid=0) by vyos(uid=1002) sudo[1082396]: pam_unix(sudo:session): session closed for user root sudo[1082399]: vyos : TTY=pts/1 ; PWD=/home/vyos ; USER=root ; COMMAND=/usr/sbin/logrotate -f -s /opt/vyatta/etc/config/archive/lr.state /opt/vyatta/etc/config/archive/lr.conf sudo[1082399]: pam_unix(sudo:session): session opened for user root(uid=0) by vyos(uid=1002) sudo[1082399]: pam_unix(sudo:session): session closed for user root This heavily bloats remote logging services - remove the log entries --- src/etc/sudoers.d/vyos | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/etc') diff --git a/src/etc/sudoers.d/vyos b/src/etc/sudoers.d/vyos index 67d7babc4..198b9b9aa 100644 --- a/src/etc/sudoers.d/vyos +++ b/src/etc/sudoers.d/vyos @@ -1,7 +1,8 @@ # # VyOS modifications to sudo configuration # -Defaults syslog_goodpri=info +Defaults !syslog +Defaults !pam_session Defaults env_keep+=VYATTA_* # -- cgit v1.2.3