torsdag den 16 augusti 2012 klockan 08:46 skrev Simon Josefsson detta:
> Russ Allbery <[email protected]> writes:
>
> > Simon Josefsson <[email protected]> writes:
> >
> >> I believe these are important for knowing when someone got a ticket, so
> >> they should definitely be in the syslog. If we are changing this one to
> >> LOG_AUTH, many other messages should also be moved, since they also
> >> print user information. However, I wonder what MIT/Heimdal does, or
> >> what other servers do, like sshd?
> >
> > Heimdal uses LOG_AUTH. I believe MIT does as well, although I'm finding
> > it difficult to locate the exact code that sets the default. sshd uses
> > LOG_AUTH.
>
> Thanks -- I have changed shishid to use LOG_AUTHPRIV now (we'll see how
> portable that is compared to LOG_AUTH...).
Right decision, a clear improvement.
GNU/Linux and BSD offer
{ "auth", LOG_AUTH },
{ "authpriv", LOG_AUTHPRIV }
as distinct facilities, Solaris offer only
{ "auth", LOG_AUTH }
and commercial unices are not available to me.
Anyway, you should provide for LOG_AUTH.
BSD systems use two different settings as standard,
and the are not using "/var/log/syslog" at all:
auth.notice /dev/console
auth.notice;authpriv.none /var/log/messages
auth.info;authpriv.info /var/log/auth.log
-rw-r--r-- root:wheel /var/log/messages
-rw------- root:wheel /var/log/auth.log
or
auth,authpriv.none /var/log/messages
auth.info /var/log/authlog
authpriv.debug /var/log/secure
-rw-r--r-- root:wheel /var/log/messages
-rw-r----- root:wheel /var/log/authlog
-rw------- root:wheel /var/log/secure
Regards,
Mats E A
_______________________________________________
Help-shishi mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/help-shishi
