diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-03-11 19:26:29 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-03-11 19:26:29 +0000 |
| commit | 89e30355de5f272942f06549cd4f6722c5a248e7 (patch) | |
| tree | a6f7d85ace70ee576c3d9952d27311ddde644eb1 /etc | |
| parent | cf446bea56795da1b463bad98883efc41181b48f (diff) | |
| download | FreeBSD-src-89e30355de5f272942f06549cd4f6722c5a248e7.zip FreeBSD-src-89e30355de5f272942f06549cd4f6722c5a248e7.tar.gz | |
Clean up logging of security information a bit:
o Introduce /var/log/authentication.log, which will be the target for
auth.info and authpriv.info by default. Rotate on the same schedule
as most other logs. Create at installation.
o Remove logging of auth.info from /var/log/security.log, which will
return to being only for security feature subsystems (such as ipfw,
and so on).
This creates a special authentication log, which can now be searched
by scripts for authentication events.
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/Makefile | 2 | ||||
| -rw-r--r-- | etc/newsyslog.conf | 1 | ||||
| -rw-r--r-- | etc/syslog.conf | 3 |
3 files changed, 5 insertions, 1 deletions
diff --git a/etc/Makefile b/etc/Makefile index 3823a34..0bea465 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -130,6 +130,8 @@ distribution: ${DESTDIR}/etc/dumpdates ${INSTALL} -c -o nobody -g ${BINGRP} -m 644 /dev/null \ ${DESTDIR}/var/db/locate.database + ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 600 /dev/null \ + ${DESTDIR}/var/log/authentication.log ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \ ${DESTDIR}/var/log/lpd-errs ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 640 /dev/null \ diff --git a/etc/newsyslog.conf b/etc/newsyslog.conf index f743c58..8c70e94 100644 --- a/etc/newsyslog.conf +++ b/etc/newsyslog.conf @@ -10,6 +10,7 @@ # logfilename [owner:group] mode count size when [ZJB] [/pid_file] [sig_num] /var/log/cron 600 3 100 * Z /var/log/amd.log 644 7 100 * Z +/var/log/authentication.log 600 7 100 * Z /var/log/kerberos.log 600 7 100 * Z /var/log/lpd-errs 644 7 100 * Z /var/log/maillog 640 7 * @T00 Z diff --git a/etc/syslog.conf b/etc/syslog.conf index 7a3e843..0c33d97 100644 --- a/etc/syslog.conf +++ b/etc/syslog.conf @@ -7,7 +7,8 @@ # Consult the syslog.conf(5) manpage. *.err;kern.debug;auth.notice;mail.crit /dev/console *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages -security.*;auth.info /var/log/security +security.* /var/log/security +auth.info;authpriv.info /var/log/authentication.log mail.info /var/log/maillog lpr.info /var/log/lpd-errs cron.* /var/log/cron |
