On 2018-08-07, James Allsopp <jamesaalls...@googlemail.com> wrote: > > sudo does mean that the admin actions of a particular user are logged, but > unless you lock down what they can do, they can change/delete the logs > easily enough. >
But it seems the whole point of the thing in a multi-user environment is that you can use a granular approach to permissions, so I suppose if you didn't desire a particular user modifying the logs, while granting her other administrative privileges, that would fall completely within the purview of the philosophy and implementation of the soft that is 'sudo'. I've never used it myself. I'm all by my lonesome on this machine. I've been using 'su' from the very beginning (but maybe I should start or will start whenever the future and the new 'su' arrives using 'su -'). -- Some years ago, when the images which this world affords first opened upon me, when I felt the cheering warmth of summer and heard the rustling of the leaves and the warbling of the birds, and these were all to me, I should have wept to die; now it is my only consolation. --Mary Shelley, Frankenstein; or, The Modern Prometheus