diff options
Diffstat (limited to 'examples')
| -rw-r--r-- | examples/sudo_logsrvd.conf | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/examples/sudo_logsrvd.conf b/examples/sudo_logsrvd.conf index 32dbd821b..5fd7d3f40 100644 --- a/examples/sudo_logsrvd.conf +++ b/examples/sudo_logsrvd.conf @@ -179,6 +179,10 @@ # specified by iolog_mode. #iolog_mode = 0600 +# If disabled, sudo_logsrvd will attempt to avoid logging plaintext +# password in the terminal input using passprompt_regex. +#log_passwords = true + # The maximum sequence number that will be substituted for the "%{seq}" # escape in the I/O log file. While the value substituted for "%{seq}" # is in base 36, maxseq itself should be expressed in decimal. Values @@ -186,6 +190,12 @@ # number "ZZZZZZ") will be silently truncated to 2176782336. #maxseq = 2176782336 +# One or more POSIX extended regular expressions used to match +# password prompts in the terminal output when log_passwords is +# disabled. Multiple passprompt_regex settings may be specified. +#passprompt_regex = [Pp]assword[: ]* +#passprompt_regex = [Pp]assword for [a-z0-9]+: * + [eventlog] # Where to log accept, reject, exit, and alert events. # Accepted values are syslog, logfile, or none. |