Preferred method for allowing unprivileged UNIX/Linux users to view syslog information
Posted
by
Joshua Hoblitt
on Server Fault
See other posts from Server Fault
or by Joshua Hoblitt
Published on 2012-09-12T18:58:48Z
Indexed on
2012/09/12
21:40 UTC
Read the original article
Hit count: 215
I have some non-privileged "role accounts" that need the ability to view [some of] the local syslogs (eg. /var/log/messages
) for debugging purposes.
This is explicitly local log data, not remote syslog, logstash, etc. Obviously, there's several ways to address this issue. What I'd like to know is if there is a fairly "standardized" way to solve this issue.
Typically, I solve this problem with sudo but either POSIX groups or acls
is attractive as it's few chars for the users to type and it removes entries from the sudo log. However, I don't believe I've ever seen that done before. What is your experience? How do large install base sites address this?
© Server Fault or respective owner