On 11/03/06, Gora Mohanty <[EMAIL PROTECTED]> wrote: > You should probably also reconsider turning off logging of commands > run with sudo. With that, if something does go wrong, there is no way > to trace what happened. Rotating logs, or cleaning them out semi- > automatically is a better option, in my opinion. > Agreed. One of the main strengths of having administration commands run via sudo (and discouraging, for example, 'sudo sh' even by those who have ALL privileges) is having an audit trail for superuser access. Why wouldn't you want this? As for rotation, sudo won't generate a lot of log messages under normal use. Perhaps the only reason I can think of for doing this is to cover embarassment - I mean, if you mistype 20% of all your commands ... ;o)
Cian _______________________________________________ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
