- Newsgroups: comp.sys.next.bugs
- Path: sparky!uunet!spool.mu.edu!umn.edu!mmm.serc.3m.com!pwcs!kegworks!lfahnoe
- From: lfahnoe@kegworks.mn.org (Larry Fahnoe)
- Subject: netinfo/security: lockout disables login_accounting
- Message-ID: <1993Jan4.023731.250@kegworks.mn.org>
- Organization: The Kegworks, Minneapolis, Minnesota
- Date: Mon, 4 Jan 1993 02:37:31 GMT
- Lines: 40
-
- Environment: standalone cube running 3.0
-
- I would like to be able to log failed login attempts, and according to the
- network and system admin guide (chapter 14, setting security options in
- netinfo) I can do this. After following the instructions and verifying
- them with niutil:
-
- cubit> niutil -read . /
- master: localhost/local
- security_options: login_accounting lockout
- trusted_networks: 0
-
- To test this, I added a line to syslog.conf:
-
- *.debug /usr/adm/debug
-
- However, after much tinkering about, I find that when you add the lockout
- flag, you lose login_accounting's ability to log failed attempts. A
- simple test shows this:
-
- - set security_options to login_accounting
- - try a few bad logins
- - set security_options to login_accounting + lockout
- - try a few more bad logins
-
- Only the first set of login errors will be logged. It seems that
- successful logins get logged in either case, but I was not testing for
- that case. I have done these tests on a system with a fresh netinfo
- database so I do not believe that there are additional bogosities in my
- netinfo database that were causing problems.
-
- Additionally, it seems that simply sending a HUP to syslogd does not cause
- syslogd to really read /etc/syslog.conf. I found that to add a new log
- file required syslogd to be killed and restarted.
-
- --Larry
- --
- Larry Fahnoe Cellular One
- 612/832-7616 7900 S. Xerxes Ave, Suite 301
- lfahnoe@kegworks.mn.org Minneapolis, MN 55431
-