isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Mention relay mode and update TLS example.

Browse Source
This commit is contained in:
Todd C. Miller
2021-04-13 14:24:50 -06:00
parent d028410bf7
commit 556b8f62cb
2 changed files with 30 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
doc/sudo_logsrvd.man.in
View File

@@ -2,7 +2,7 @@
.\" .\"
.\" SPDX-License-Identifier: ISC .\" SPDX-License-Identifier: ISC
.\" .\"
.\" Copyright (c) 2019-2020 Todd C. Miller <Todd.Miller@sudo.ws> .\" Copyright (c) 2019-2021 Todd C. Miller <Todd.Miller@sudo.ws>
.\" .\"
.\" Permission to use, copy, modify, and distribute this software for any .\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above .\" purpose with or without fee is hereby granted, provided that the above
@@ -16,7 +16,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.TH "SUDO_LOGSRVD" "@mansectsu@" "March 28, 2020" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" .TH "SUDO_LOGSRVD" "@mansectsu@" "April 13, 2021" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@@ -35,10 +35,18 @@ is a high-performance log server that accepts event and I/O logs from
It can be used to implement centralized logging of It can be used to implement centralized logging of
\fBsudo\fR \fBsudo\fR
logs. logs.
Event log entries may be logged either via The server has two modes of operation: local and relay.
By default,
\fBsudo_logsrvd\fR
stores the logs locally but it can also be configured to
relay them to another server that supports the
sudo_logsrv.proto(@mansectform@)
protocol.
.PP
When not relaying, event log entries may be logged either via
syslog(3) syslog(3)
or to a file. or to a local file.
I/O Logs created by I/O Logs stored locally by
\fBsudo_logsrvd\fR \fBsudo_logsrvd\fR
can be replayed via the can be replayed via the
sudoreplay(@mansectsu@) sudoreplay(@mansectsu@)
@@ -376,8 +384,8 @@ names used earlier:
.nf .nf
.sp .sp
.RS 6n .RS 6n
# If set, secure connections with TLS 1.2 or 1.3. # Listen on port 30344 for TLS connections to any address.
tls = true listen_address = *:30344(tls)
# Path to the certificate authority bundle file in PEM format. # Path to the certificate authority bundle file in PEM format.
tls_cacert = /etc/ssl/sudo/cacert.pem tls_cacert = /etc/ssl/sudo/cacert.pem

22
doc/sudo_logsrvd.mdoc.in
View File

@@ -1,7 +1,7 @@
.\" .\"
.\" SPDX-License-Identifier: ISC .\" SPDX-License-Identifier: ISC
.\" .\"
.\" Copyright (c) 2019-2020 Todd C. Miller <Todd.Miller@sudo.ws> .\" Copyright (c) 2019-2021 Todd C. Miller <Todd.Miller@sudo.ws>
.\" .\"
.\" Permission to use, copy, modify, and distribute this software for any .\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above .\" purpose with or without fee is hereby granted, provided that the above
@@ -15,7 +15,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.Dd March 28, 2020 .Dd April 13, 2021
.Dt SUDO_LOGSRVD @mansectsu@ .Dt SUDO_LOGSRVD @mansectsu@
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@@ -33,10 +33,18 @@ is a high-performance log server that accepts event and I/O logs from
It can be used to implement centralized logging of It can be used to implement centralized logging of
.Nm sudo .Nm sudo
logs. logs.
Event log entries may be logged either via The server has two modes of operation: local and relay.
By default,
.Nm
stores the logs locally but it can also be configured to
relay them to another server that supports the
.Xr sudo_logsrv.proto 5
protocol.
.Pp
When not relaying, event log entries may be logged either via
.Xr syslog 3 .Xr syslog 3
or to a file. or to a local file.
I/O Logs created by I/O Logs stored locally by
.Nm .Nm
can be replayed via the can be replayed via the
.Xr sudoreplay @mansectsu@ .Xr sudoreplay @mansectsu@
@@ -336,8 +344,8 @@ Configuring
for TLS requires the following settings, assuming the same path for TLS requires the following settings, assuming the same path
names used earlier: names used earlier:
.Bd -literal -offset indent .Bd -literal -offset indent
# If set, secure connections with TLS 1.2 or 1.3. # Listen on port 30344 for TLS connections to any address.
tls = true listen_address = *:30344(tls)
# Path to the certificate authority bundle file in PEM format. # Path to the certificate authority bundle file in PEM format.
tls_cacert = /etc/ssl/sudo/cacert.pem tls_cacert = /etc/ssl/sudo/cacert.pem