Re: Switching audit files under Solaris 8 via cron

From: Robin Stevens (robin.stevens@computing-services.oxford.ac.uk)
Date: 04/30/02 

Date: Tue, 30 Apr 2002 20:33:26 +0100
From: Robin Stevens <robin.stevens@computing-services.oxford.ac.uk>
To: focus-sun@securityfocus.com

On Tue, Nov 13, 2001 at 02:50:26PM -0800, Darren Moffat wrote:
["cron audit problem" errors]
> >The solutions: edit crontab files via console only, and/or switch to
> >OpenSSH using either PAM or /bin/login. Both of the latter will produce
> >a properly validated session, allowing crontab editing.
>
> You only get the audit system setup properly when using /bin/login PAM
> plays no part in BSM setup.

Having run into similar problems myself, I'm trying to find a solution that
does allow me to edit crontab files over ssh links.

As I understand it from the various discussions of the problem produced
upon a google search, getting rid of the auditing should cure it. I've
disabled BSM (bsmunconv), ensured that the audit init script is not being
run at bootup, and rebooted. Yet I'm still getting the same errors after
editing root's crontab file over ssh links. For various reasons switching
from ssh.com SSH to openssh isn't really an option, and any unencrypted
remote access methods are definitely out :-)

No doubt I've missed something trivial, but any advice would be much
appreciated. 

-- 
--------------- Robin Stevens  <robin.stevens@oucs.ox.ac.uk> -----------------
Oxford University Computing Services ----------- Web: http://www.cynic.org.uk/
------- (+44)(0)1865: 273212 (work) 273275 (fax)  Mobile: 07776 235326 -------