[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Linux-PAM and syslog (POSIX) (fwd)



On Fri, 27 Mar 1998, Theodore Y. Ts'o wrote:

> Why?  Because you might want all security-related log messages to go to
> a single file, and thus use a separable facility.  That makes it much
> easier for auditing systems to scan for security "events".

As far as I know most syslog functions will accept an OR between the
facility and level. Thus:
	syslog(LOG_DAEMON|LOG_CRIT, message); 
will take care of this.

I happen to agree also with the need to unify the logging mechanism in
Linux-PAM modules - now evry module defines it's own pam_log or whatever,
and chooses what PAM flags to obey or ignore, etc.

We should generalize that within PAM library distribution. As long as this
general interface won't call openlog() or closelog() :-), I might even
code it :-)

Cristian
--
----------------------------------------------------------------------
Cristian Gafton   --   gafton@redhat.com   --   Red Hat Software, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 UNIX is user friendly. It's just selective about who its friends are.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []