Skip Menu |

To: <>
From: Pat Riehecky <>
Subject: When using .k5users, commands are not logged
Date: Mon, 12 Oct 2015 11:02:42 -0500
I'm looking to switch from sudo to .k5users, but the logging is reduced
by comparison.

For example:
sudo: riehecky : TTY=pts/2 ; PWD=/home/riehecky ; USER=root ;
COMMAND=/bin/ls -a
ksu[15242]: pam_unix(ksu:session): session opened for user root by

Can the logging be increased so that the command and its arguments is


Pat Riehecky
Scientific Linux developer

Fermi National Accelerator Laboratory
The commit for this issue will fix logging when a non-root user tries
to ksu with a command and authorization fails. The context for that
change in scope is here:
Subject: git commit

Log when non-root ksu authorization fails

If non-root user attempts to ksu but is denied by policy, log to
syslog at LOG_WARNING in keeping with other failure messages.
Author: Robbie Harwood <>
Committer: Greg Hudson <>
Commit: 6cfa5c113e981f14f70ccafa20abfa5c46b665ba
Branch: master
src/clients/ksu/main.c | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)