From 89e30355de5f272942f06549cd4f6722c5a248e7 Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Mon, 11 Mar 2002 19:26:29 +0000
Subject: Clean up logging of security information a bit:

o Introduce /var/log/authentication.log, which will be the target for
  auth.info and authpriv.info by default.  Rotate on the same schedule
  as most other logs.  Create at installation.

o Remove logging of auth.info from /var/log/security.log, which will
  return to being only for security feature subsystems (such as ipfw,
  and so on).

This creates a special authentication log, which can now be searched
by scripts for authentication events.
---
 etc/Makefile       | 2 ++
 etc/newsyslog.conf | 1 +
 etc/syslog.conf    | 3 ++-
 3 files changed, 5 insertions(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/Makefile b/etc/Makefile
index 3823a34..0bea465 100644
--- a/etc/Makefile
+++ b/etc/Makefile
@@ -130,6 +130,8 @@ distribution:
 	    ${DESTDIR}/etc/dumpdates
 	${INSTALL} -c -o nobody -g ${BINGRP} -m 644 /dev/null \
 	    ${DESTDIR}/var/db/locate.database
+	${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 600 /dev/null \
+	    ${DESTDIR}/var/log/authentication.log
 	${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \
 	    ${DESTDIR}/var/log/lpd-errs
 	${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 640 /dev/null \
diff --git a/etc/newsyslog.conf b/etc/newsyslog.conf
index f743c58..8c70e94 100644
--- a/etc/newsyslog.conf
+++ b/etc/newsyslog.conf
@@ -10,6 +10,7 @@
 # logfilename          [owner:group]    mode count size when [ZJB] [/pid_file] [sig_num]
 /var/log/cron				600  3	   100	*     Z
 /var/log/amd.log			644  7	   100	*     Z
+/var/log/authentication.log		600  7     100  *     Z
 /var/log/kerberos.log			600  7	   100	*     Z
 /var/log/lpd-errs			644  7	   100	*     Z
 /var/log/maillog			640  7	   *	@T00  Z
diff --git a/etc/syslog.conf b/etc/syslog.conf
index 7a3e843..0c33d97 100644
--- a/etc/syslog.conf
+++ b/etc/syslog.conf
@@ -7,7 +7,8 @@
 #	Consult the syslog.conf(5) manpage.
 *.err;kern.debug;auth.notice;mail.crit		/dev/console
 *.notice;kern.debug;lpr.info;mail.crit;news.err	/var/log/messages
-security.*;auth.info				/var/log/security
+security.*					/var/log/security
+auth.info;authpriv.info				/var/log/authentication.log
 mail.info					/var/log/maillog
 lpr.info					/var/log/lpd-errs
 cron.*						/var/log/cron
-- 
cgit v1.1