Preferred method for allowing unprivileged UNIX/Linux users to view syslog information

Posted by Joshua Hoblitt on Server Fault See other posts from Server Fault or by Joshua Hoblitt
Published on 2012-09-12T18:58:48Z Indexed on 2012/09/12 21:40 UTC
Read the original article Hit count: 215

Filed under:
|
|
|
|

I have some non-privileged "role accounts" that need the ability to view [some of] the local syslogs (eg. /var/log/messages) for debugging purposes.

This is explicitly local log data, not remote syslog, logstash, etc. Obviously, there's several ways to address this issue. What I'd like to know is if there is a fairly "standardized" way to solve this issue.

Typically, I solve this problem with sudo but either POSIX groups or acls is attractive as it's few chars for the users to type and it removes entries from the sudo log. However, I don't believe I've ever seen that done before. What is your experience? How do large install base sites address this?

© Server Fault or respective owner

Related posts about linux

Related posts about sudo