Mats Erik Andersson <[email protected]> writes:
> torsdag den 16 augusti 2012 klockan 08:46 skrev Simon Josefsson detta:
>> Russ Allbery <[email protected]> writes:
>>
>> > Simon Josefsson <[email protected]> writes:
>> >
>> >> I believe these are important for knowing when someone got a ticket, so
>> >> they should definitely be in the syslog. If we are changing this one to
>> >> LOG_AUTH, many other messages should also be moved, since they also
>> >> print user information. However, I wonder what MIT/Heimdal does, or
>> >> what other servers do, like sshd?
>> >
>> > Heimdal uses LOG_AUTH. I believe MIT does as well, although I'm finding
>> > it difficult to locate the exact code that sets the default. sshd uses
>> > LOG_AUTH.
>>
>> Thanks -- I have changed shishid to use LOG_AUTHPRIV now (we'll see how
>> portable that is compared to LOG_AUTH...).
>
> Right decision, a clear improvement.
>
> GNU/Linux and BSD offer
>
> { "auth", LOG_AUTH },
> { "authpriv", LOG_AUTHPRIV }
>
> as distinct facilities, Solaris offer only
>
> { "auth", LOG_AUTH }
>
> and commercial unices are not available to me.
> Anyway, you should provide for LOG_AUTH.
>
> BSD systems use two different settings as standard,
> and the are not using "/var/log/syslog" at all:
Interesting. The reason I used LOG_AUTHPRIV instead of LOG_AUTH was
that my syslog manpage (Ubuntu 12.04) says:
LOG_AUTH security/authorization messages (DEPRECATED Use
LOG_AUTHPRIV instead)
I kind of guessed that the situation wasn't as simple as that...
/Simon
_______________________________________________
Help-shishi mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/help-shishi
