Bugzilla – Full Text Bug Listing
| Summary: | Add LOG_PID to openlog calls so that sudo includes PID in syslog messages | ||
|---|---|---|---|
| Product: | Sudo | Reporter: | Hank Leininger <hlein-subz> |
| Component: | Sudo | Assignee: | Todd C. Miller <Todd.Miller> |
| Status: | RESOLVED FIXED | ||
| Severity: | enhancement | ||
| Priority: | low | ||
| Version: | 1.8.20 | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Attachments: | Add LOG_PID to openlog calls; Patch to add syslog_pid sudoers option. | ||
Created attachment 497
Patch to add syslog_pid sudoers option.

I agree, I've made the following commit: https://www.sudo.ws/repos/sudo/rev/f4dc29b0052c and attached a diff relative to sudo 1.8.20

Awesome, thank you!

Sudo 1.8.21 is out now and contains the syslog_pid option.
Created attachment 496
Add LOG_PID to openlog calls

I would find it useful if syslogs generated by sudo included the PID. This would help when analyzing logs from a busy server where there are multiple messages per sudo, such as when pam_unix logs session opened / session closed messages.

Attached is a trivial patch to pass LOG_PID on openlog. It gives my desired behavior:

```
Jul 20 16:52:35 foo sudo[31629]: apache : TTY=unknown ; PWD=/var/bar/cgi ; USER=yada ; GROUP=yada ; COMMAND=/var/bar/cgi/baz.cgi
Jul 20 16:52:35 foo sudo[31629]: pam_unix(sudo:session): session opened for user yada by (uid=0)
Jul 20 16:52:36 foo sudo[31629]: pam_unix(sudo:session): session closed for user yada
```

_But_, I do not suggest it's actually ready for inclusion yet; this change shouldn't happen by surprise, as it changes a ~20+ year established behavior and would break existing regexes.

I think the thing to do is probably to introduce a sudo.conf option, defaulting to off, that enables this. Then first distributions, and then individual sysadmins, can decide if/when they want the new behavior. I did not implement that yet though, wanted to get feedback on the idea first.

Would you accept this change; does a sudo.conf knob sound like the right approach?

Thanks!
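
The correlation the report describes, as an added example that is not part of the bug report or of sudo's code: a parser that accepts both the old `sudo:` tag and the `sudo[PID]:` tag, and pairs each command record with its pam_unix session messages by (host, PID). The function and variable names, the PID 31630 lines and the PID-less line are constructed for illustration.

```python
import re

# The syslog tag is "sudo:" by default and "sudo[PID]:" once LOG_PID is passed to openlog.
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"sudo(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$"
)
# sudo's own command record: "invoker : TTY=... ; USER=... ; COMMAND=..."
COMMAND = re.compile(
    r"^\s*(?P<invoker>\S+) : .*?\bUSER=(?P<runas>\S+) ; .*?\bCOMMAND=(?P<command>.+)$"
)

def correlate(lines):
    """Group sudo syslog lines per invocation, keyed on (host, pid).

    Returns (sessions, uncorrelated). Lines without a PID cannot be tied to
    one invocation, so they are returned separately rather than guessed at.
    """
    sessions, active, uncorrelated = [], {}, []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not a sudo-tagged message
        if m["pid"] is None:
            uncorrelated.append(line)
            continue
        key, msg = (m["host"], m["pid"]), m["msg"]
        cmd = COMMAND.match(msg)
        if cmd:  # new invocation; a reused PID simply starts a new record
            rec = dict(cmd.groupdict(), host=m["host"], pid=m["pid"],
                       opened=None, closed=None)
            sessions.append(rec)
            active[key] = rec
        elif key in active and "session opened" in msg:
            active[key]["opened"] = m["ts"]
        elif key in active and "session closed" in msg:
            active.pop(key)["closed"] = m["ts"]
    return sessions, uncorrelated

# PID 31629 lines are from the report; the 31630 lines and the last line are constructed.
SAMPLE = [
    "Jul 20 16:52:35 foo sudo[31629]: apache : TTY=unknown ; PWD=/var/bar/cgi ; USER=yada ; GROUP=yada ; COMMAND=/var/bar/cgi/baz.cgi",
    "Jul 20 16:52:35 foo sudo[31630]: apache : TTY=unknown ; PWD=/var/bar/cgi ; USER=yada ; GROUP=yada ; COMMAND=/var/bar/cgi/qux.cgi",
    "Jul 20 16:52:35 foo sudo[31629]: pam_unix(sudo:session): session opened for user yada by (uid=0)",
    "Jul 20 16:52:35 foo sudo[31630]: pam_unix(sudo:session): session opened for user yada by (uid=0)",
    "Jul 20 16:52:35 foo sudo[31630]: pam_unix(sudo:session): session closed for user yada",
    "Jul 20 16:52:36 foo sudo[31629]: pam_unix(sudo:session): session closed for user yada",
    "Jul 20 16:52:37 foo sudo: pam_unix(sudo:session): session closed for user yada",
]
```

Making the `[PID]` group optional keeps one pattern working across hosts with and without the new behavior, while the PID-less lines surface in `uncorrelated` instead of being attached to the wrong invocation.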