-
-
Notifications
You must be signed in to change notification settings - Fork 275
Closed
Description
Hi,
I'm currently using the latest version of sudo and sudo_logsrvd (I installed it from here). So it is v1.9.11.
When I configure the following in /etc/sudoers on the client:
Defaults env_reset
Defaults mail_badpass
Defaults use_pty
Defaults log_servers=192.168.121.33
Defaults log_format=json
Defaults log_subcmds
Defaults log_input
Defaults log_output
Defaults log_year
Defaults log_host
root ALL = (ALL : ALL) ALL
root ALL = (ALL) NOLOG_INPUT: NOLOG_OUTPUT: /usr/bin/sudoreplay
%sudo ALL = (ALL : ALL) ALL
Defaults:vagrant !fqdn
Defaults:vagrant !requiretty
vagrant ALL = (ALL) NOPASSWD: ALL
it successfully sends the following to the server:
- normal
sudocommands (I see these using journalctl) - session recording
What I don't see are subcommands and they are stored on the client and not the server. Is this expected behavior? Am I missing something? Thanks
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
No labels