标签:echo 结果 gen 5.x bug class var visudo command
1、安装sudo与syslog服务[root@Centos ~]# rpm -qa|grep sudo sudo-1.8.6p3-24.el6.x86_64 [root@Centos ~]# rpm -qa|grep rsyslog rsyslog-5.8.10-10.el6_6.x86_64
检查是否安装两种服务,如果没有安装,就使用下面的命令进行安装
yum install sudo -y yum install rsyslog -y
备注:Centos 5.x 为syslog,Centos 6.x 为rsyslog
2、配置服务
创建日志保存目录
[root@Centos ~]# mkdir -p /var/log/
服务器环境查看
[root@Centos ~]# cat /etc/redhat-release CentOS release 6.5 (Final) [root@Centos ~]# uname -r 2.6.32-431.el6.x86_64
服务器环境为centos 6.5 所以syslog日志配置文件为/etc/rsyslog.conf
[root@Centos ~]#echo "local2.debug /var/log/sudo.log">>/etc/rsyslog.conf
查看配置
[root@Centos ~]# tail -1 /etc/rsyslog.conf local2.debug /var/log/sudo.log
如果服务器为centos 5.x 所以syslog日志配置文件为/etc/syslog.conf
[root@Centos ~]#echo "local2.debug /var/log/sudo.log">>/etc/syslog.conf [root@Centos ~]#echo "Defaults logfile=/var/log/sudo.log">>/etc/sudoers
查看配置
[root@Centos ~]# tail -1 /etc/syslog.conf local2.debug /var/log/sudo.log
配置/etc/sudoers
[root@Centos ~]# echo "Defaults logfile=/var/log/sudo.log">>/etc/sudoers [root@Centos ~]# tail -1 /etc/sudoers Defaults logfile=/var/log/sudo.log [root@Centos ~]# visudo -c
4、重启服务
[root@Centos ~]# /etc/init.d/rsyslog restart Shutting down system logger: [ OK ] Starting system logger: [ OK ]
三:测试日记审计结果
[root@jenkins sudoers.d]# sudo ls cloud-init [root@jenkins sudoers.d]# cat /var/log/sudo.log Jul 3 06:22:53 : root : TTY=pts/1 ; PWD=/etc/sudoers.d ; USER=root ; COMMAND=/bin/ls
标签:echo 结果 gen 5.x bug class var visudo command
原文地址:http://blog.51cto.com/dellinger/2135763
