[Pkg-shadow-devel] Bug#190215: Different levels to log
successful/unsuccessful su through syslog (Bug #190215)
Christian Perrier
bubulle at debian.org
Thu Oct 27 15:48:30 UTC 2005
In #190215, Reinhard Mueller suggests that su logs
successufl/unsuccessful logins through syslog.
He suggests the following matrix:
successful unsuccessful
non-root user LOG_INFO LOG_NOTICE
root user LOG_NOTICE LOG_WARNING
The user on the left being the user *after* the su (or the user which
was failed to become).
Though this is in general a good suggesiton, imho., this does not
follow PAM behaviour where successful authentication is logged as
LOG_INFO and unsuccessful is logged as LOG_NOTICE.
I suggest keeping this and thus implementing the following simple
matrix:
successful unsuccessful
any user LOG_INFO LOG_NOTICE
My patch to sulog.c for this is ready and waits for comments ?
--
More information about the Pkg-shadow-devel
mailing list