在阅读有关 Linux 的信息时,尤其是有关 Linux 的信息sudo时,我得到:
/var/log/secure当尝试在sudo bash未成功验证用户身份的情况下执行时,系统日志文件中会出现如下消息(通常是):authentication failure; logname=op uid=0 euid=0 tty=/dev/pts/6 ruser=op rhost= user=op conversation failed auth could not identify password for [op] op : 1 incorrect password attempt ; TTY=pts/6 ; PWD=/var/log ; USER=root ; COMMAND=/bin/bash
然后我在我的 shell 提示符下尝试了它:
anupam@JAZZ:~$ sudo bash
[sudo] password for anupam:
root@JAZZ:~#
然后当我寻找时/var/log/secure,它不在那里
anupam@JAZZ:~$ more /var/log/secure
/var/log/secure: No such file or directory
anupam@JAZZ:~$ ls /var/log
alternatives.log auth.log dmesg gpu-manager.log mysql.log pm-suspend.log.2.gz upstart
alternatives.log.1 auth.log.1 dmesg.0 hp mysql.log.1.gz samba wtmp
alternatives.log.2.gz auth.log.2.gz dmesg.1.gz installer mysql.log.2.gz speech-dispatcher wtmp.1
apache2 auth.log.3.gz dmesg.2.gz jetty mysql.log.3.gz syslog Xorg.0.log
apport.log auth.log.4.gz dmesg.3.gz kern.log mysql.log.4.gz syslog.1 Xorg.0.log.old
apport.log.1 boot.log dmesg.4.gz kern.log.1 mysql.log.5.gz syslog.2.gz Xorg.1.log
apport.log.2.gz bootstrap.log dpkg.log kern.log.2.gz mysql.log.6.gz syslog.3.gz Xorg.1.log.old
apport.log.3.gz btmp dpkg.log.1 kern.log.3.gz mysql.log.7.gz syslog.4.gz
apport.log.4.gz btmp.1 dpkg.log.2.gz kern.log.4.gz pm-powersave.log syslog.5.gz
apport.log.5.gz ConsoleKit faillog lastlog pm-powersave.log.1 syslog.6.gz
apport.log.6.gz cups fontconfig.log lightdm pm-powersave.log.2.gz syslog.7.gz
apport.log.7.gz dbconfig-common fsck mysql pm-suspend.log udev
apt dist-upgrade gdm mysql.err pm-suspend.log.1 unattended-upgrades
/var/log/secure我的系统中有其他选择吗?
这种类型的日志事件通常在 Debian 及其衍生产品(包括 Ubuntu)中的 /var/log/auth.log 中找到。