Currently the script only checks the sudoers file but in the file itself it states:
Please consider adding local content in /etc/sudoers.d/ instead of
directly modifying this file.
This means that we should instead create our own separate file with the following:
sudo nano /etc/sudoers.d/logging
Inside the file you'd write:
Defaults logfile=/var/log/sudo.log
Defaults log_input, log_output
sudo chmod 440 /etc/sudoers.d/logging
The script should check the sudoers.d directory and if need be go through all files in there and search for 'Defaults logfile'
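One way the requested check could look, as an added example rather than the project's own script: it scans the main sudoers file and every drop-in file for an active `Defaults ... logfile=` line. The function names are hypothetical, and it assumes the main file pulls in the drop-in directory with the stock `@includedir`/`#includedir` line; like sudo, it ignores drop-in file names that contain a `.` or end in `~`.

```shell
#!/bin/sh
# Added example (not from the original script). Function names are hypothetical.
# Paths are parameters so the check can be exercised against a test directory;
# reading the real /etc/sudoers and /etc/sudoers.d requires root.

# Print each file that contains an uncommented "Defaults ... logfile=" setting.
find_sudo_logfile() {
    main_file=${1:-/etc/sudoers}
    dropin_dir=${2:-/etc/sudoers.d}
    # Matches "Defaults logfile=...", "Defaults:user logfile = ..." and
    # "Defaults env_reset, logfile=..."; lines starting with '#' do not match.
    pattern='^[[:space:]]*Defaults[^#]*[[:space:],]logfile[[:space:]]*='

    for f in "$main_file" "$dropin_dir"/*; do
        [ -f "$f" ] || continue
        if [ "$f" != "$main_file" ]; then
            # sudo's includedir skips names containing '.' or ending in '~',
            # so a setting in logging.bak or logging~ is never applied.
            case ${f##*/} in
                *.*|*~) continue ;;
            esac
        fi
        if grep -Eq "$pattern" "$f" 2>/dev/null; then
            printf '%s\n' "$f"
        fi
    done
}

# Exit status 0 if at least one file configures a sudo log file.
sudo_logging_configured() {
    [ -n "$(find_sudo_logfile "$@")" ]
}
```

Called with no arguments, `sudo_logging_configured` checks `/etc/sudoers` and `/etc/sudoers.d`; `find_sudo_logfile` lists which files carry the setting.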