Public bug reported:
On a fresh 12.04 64 bit machine in the default state + sshd installed,
the auth.log file remained empty, when normally it would fill up with
sshd hacking attempts. The sshd_config was left at its default, which
should record login failures.
I have figured out a workaround, which is probably a good clue about the
underlying bug.
It turns out that the permissions of auth.log were: messagebus (owner)
adm (group)
doing a
sudo chown syslog /etc/auth.log
fixed the problem instantly, with failed logins now going to the file as
expected. I don't know if this "fix" will survive log rotation.
** Affects: syslog-ng (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1059854
Title:
auth.log is empty
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/syslog-ng/+bug/1059854/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
