去掉message日志文件中su命令的记录-创新互联
                                            脚本执行需要root权限,但脚本中使用su命令来执行其他命令或脚本,比如使用nginx用户调用日志统计脚本。


在/var/log/message日志中有过多的日志显示
Jun 28 10:28:06 localhost su: (to nginx) chuangyw on none Jun 28 10:28:06 localhost su: (to nginx) chuangyw on none Jun 28 10:28:06 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:07 localhost su: (to nginx) chuangyw on none Jun 28 10:28:08 localhost su: (to nginx) chuangyw on none Jun 28 10:28:08 localhost su: (to nginx) chuangyw on none Jun 28 10:28:08 localhost su: (to nginx) chuangyw on none Jun 28 10:28:08 localhost su: (to nginx) chuangyw on none Jun 28 10:28:08 localhost su: (to nginx) chuangyw on none Jun 28 10:28:08 localhost su: (to nginx) chuangyw on none Jun 28 10:28:08 localhost su: (to nginx) chuangyw on none严重影响message的阅读和过滤;
计划将信息重新建立一个文件保存比如/var/log/su
修改/etc/rsyslog.conf
在message条目中添加:
auth.none
增加条目:
auth.* /var/log/su
# Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;authpriv.none;cron.none;auth.none /var/log/messages # The authpriv file has restricted access. authpriv.* /var/log/secure auth.* /var/log/su # Log all the mail messages in one place. mail.* -/var/log/maillog记得重启rsyslog生效
systemctl restart rsyslog.service另外有需要云服务器可以了解下创新互联cdcxhl.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。
新闻标题:去掉message日志文件中su命令的记录-创新互联
文章出自:http://www.jxjierui.cn/article/pecei.html

 建站
建站
 咨询
咨询 售后
售后
 建站咨询
建站咨询 
 