| SUDO_SENDLOG(8) | System Manager's Manual | SUDO_SENDLOG(8) |
NAME
sudo_sendlog —
send sudo I/O log to log server
SYNOPSIS
sudo_sendlog |
[-AnV] [-b
ca_bundle] [-c
cert_file] [-h
host] [-i
iolog-id] [-k
key_file] [-p
port] [-r
restart-point] [-R
reject-reason] [-s
stop-point] [-t
number] path |
DESCRIPTION
sudo_sendlog can be used to send the
existing sudoers I/O log path
to a remote log server such as
sudo_logsrvd(8) for central
storage.
The options are as follows:
-A,--accept-only- Only send the accept event, not the I/O associated with the log. This can be used to test the logging of accept events without any associated I/O.
-b,--ca-bundle- The path to a certificate authority bundle file, in PEM format, to use instead of the system's default certificate authority database when authenticating the log server. The default is to use the system's default certificate authority database.
-c,--cert- The path to the client's certificate file in PEM format. This setting is required when the connection to the remote log server is secured with TLS.
--help- Display a short help message to the standard output and exit.
-h,--host- Connect to the specified host instead of localhost.
-i,--iolog-id- Use the specified iolog-id when restarting a log
transfer. The iolog-id is reported by the server
when it creates the remote I/O log. This option may only be used in
conjunction with the
-roption. -k,--key- The path to the client's private key file in PEM format. This setting is required when the connection to the remote log server is secured with TLS.
-n,--no-verify- If specified, the server's certificate will not be verified during the TLS
handshake. By default,
sudo_sendlogverifies that the server's certificate is valid and that it contains either the server's host name or its IP address. This setting is only supported when the connection to the remote log server is secured with TLS. -p,--port- Use the specified network port when connecting to the log server instead of the default, port 30344.
-r,--restart- Restart an interrupted connection to the log server. The specified
restart-point is used to tell the server the point
in time at which to continue the log. The
restart-point is specified in the form
“seconds,nanoseconds” and is usually the last commit point
received from the server. The
-ioption must also be specified when restarting a transfer. -R,--reject- Send a reject event for the command using the specified reject-reason, even though it was actually accepted locally. This can be used to test the logging of reject events; no I/O will be sent.
-s,--stop-after- Stop sending log records and close the connection when
stop-point is reached. This can be used for testing
purposes to send a partial I/O log to the server. Partial logs can be
restarted using the
-roption. The stop-point is an elapsed time specified in the form “seconds,nanoseconds”. -t,--test- Open number simultaneous connections to the log server and send the specified I/O log file on each one. This option is useful for performance testing.
-V,--version- Print the
sudo_sendlogversion and exit.
Debugging sendlog
sudo_sendlog supports a flexible debugging
framework that is configured via
Debug
lines in the sudo.conf(5)
file.
For more information on configuring sudo.conf(5), refer to its manual.
FILES
- /etc/sudo.conf
- Sudo front-end configuration
SEE ALSO
sudo.conf(5), sudo(8), sudo_logsrv.proto(5), sudo_logsrvd(8)
AUTHORS
Many people have worked on sudo over the
years; this version consists of code written primarily by:
See the CONTRIBUTORS.md file in the sudo
distribution (https://www.sudo.ws/about/contributors/) for an exhaustive
list of people who have contributed to sudo.
BUGS
If you believe you have found a bug in
sudo_sendlog, you can either file a bug report in
the sudo bug database, https://bugzilla.sudo.ws/, or open an issue at
https://github.com/sudo-project/sudo/issues. If you would prefer to use
email, messages may be sent to the sudo-workers mailing list,
https://www.sudo.ws/mailman/listinfo/sudo-workers (public) or
<sudo@sudo.ws> (private).
Please not report security vulnerabilities through public GitHub issues, Bugzilla or mailing lists. Instead, report them via email to <Todd.Miller@sudo.ws>. You may encrypt your message with PGP if you would like, using the key found at https://www.sudo.ws/dist/PGPKEYS.
SUPPORT
Limited free support is available via the sudo-users mailing list, see https://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the archives.
DISCLAIMER
sudo_sendlog is provided “AS
IS” and any express or implied warranties, including, but not limited
to, the implied warranties of merchantability and fitness for a particular
purpose are disclaimed. See the LICENSE.md file distributed with
sudo or https://www.sudo.ws/about/license/ for
complete details.
| July 14, 2024 | Sudo 1.9.16 |