|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: LOG_AUTHPRIV and the default syslog.conf
From: Yar Tikhiy (yar
freebsd.org)
Date: Wed Apr 02 2003 - 07:36:25 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, Apr 02, 2003 at 07:02:44AM -0600, D J Hawkey Jr wrote:
>
> FWIW, long ago, I set one of mine up as:
>
> *.err;authpriv.none /dev/console
> *.notice;auth.info;kern.debug;security.none;local0.none;authpriv.none /var/log/messages
> security.*;local0.*;authpriv.* /var/log/security
>
> I must have been thinking the same thing Yar does WRT authpriv and
> /var/log/messages.
>
> Note that I also added local0, for ipmon(8); is it too late to
> consider this hack as well as Yar's?
Today's style is to send messages from packet filters to
/var/log/security, and from authenticating functions to /var/log/auth.log.
Additionally I think it would be poor style to use local0 in the
default syslog.conf since local* should be left for site-specific
purposes. Therefore I'd suggest changing src/sbin/ipmon/Makefile
so that it will add ``-DLOGFAC=LOG_SECURITY'' to CFLAGS, and syncing
ipmon.8; so ipmon(8) would behave consistently with the rest of the
system.
--
Yar
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]