On Tue, Apr 8, 2008 at 2:35 PM, Doug LaRue <[EMAIL PROTECTED]> wrote:
> ** Reply to message from "James G. Sack (jim)" <[EMAIL PROTECTED]> on Tue, 08
> Apr 2008 14:21:38 -0700
>
>
> >
> > What is the effective difference in terms of security?
>
> /var/log/auth.log
>
> all sudo commands( logins, failed attamps, commands run, etc ) are
> all logged there. But then again, I don't know if or where root logins
> and commands/failures/etc get logged on other systems.
>
On Fedora systems I find all commands executed with "sudo" logged in
/var/log/secure
Plain "su root" commands are logged in /var/log/messages, but just as
"session opened" and "session closed". No detail about what happened
in between.
carl
--
carl lowenstein marine physical lab u.c. san diego
[EMAIL PROTECTED]
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
