Re: Switching audit files under Solaris 8 via cron
From: Trevor Fiatal (trevor@seven.com)Date: 11/13/01
- Previous message: Doug Hughes: "RE: Syslog"
- In reply to: Roland Crüsemann: "Switching audit files under Solaris 8 via cron"
- Next in thread: Darren Moffat: "Re: Switching audit files under Solaris 8 via cron"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <3BF18D38.D5F99A67@fiatal.net> Date: Tue, 13 Nov 2001 13:14:32 -0800 From: Trevor Fiatal <trevor@seven.com> To: Roland Crüsemann <cruesemann@trustcenter.de> Subject: Re: Switching audit files under Solaris 8 via cron
Roland Crüsemann wrote:
>
> Hi,
>
> switching audit files via cron with the crontab entry
> 0 1 * * * /usr/sbin/audit -n
> for root doesn't work under Solaris 8.
> It produces the following entry in /var/cron/log:
> ! cron audit problem. job failed (/usr/sbin/audit -n) for user root Tue Nov
You're probably logging in via SSH and then editing the crontab, right?
With auditing turned on, a login via certain SSH products (ssh.com)
does not produce a properly validated security context. This results
in symptoms like not being able to edit crontab files via SSH login.
The solutions: edit crontab files via console only, and/or switch to
OpenSSH using either PAM or /bin/login. Both of the latter will produce
a properly validated session, allowing crontab editing.
Hope this helps.
-Trevor
-- Trevor Fiatal -- trevor@seven.com -- http://www.seven.com/ Co-Founder, CSO SEVEN 510.967.4556 (work/mobile) 510.401.8054 (vmail/fax)
- Previous message: Doug Hughes: "RE: Syslog"
- In reply to: Roland Crüsemann: "Switching audit files under Solaris 8 via cron"
- Next in thread: Darren Moffat: "Re: Switching audit files under Solaris 8 via cron"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
