Re: Switching audit files under Solaris 8 via cron

From: Daniel Bergman (d-b@home.se)
Date: 05/08/02


Date: Wed, 08 May 2002 22:57:47 +0200
From: Daniel Bergman <d-b@home.se>
To: Robin Stevens <robin.stevens@computing-services.oxford.ac.uk>, rejs@hex.oucs.ox.ac.uk, focus-sun@securityfocus.com


Sorry for getting in late - just wanted to share an ugly way-around this
BSM/SSH/CRON problem:

$ ssh user@host
$ su -
# vi /etc/default/login, comment out CONSOLE statement
# exit
$ exec login
# export EDITOR=vi
# crontab -e
# vi /etc/default/login, remove the comment on CONSOLE statement
# exit

I know that it's really ugly - but it works.

Regards,
Daniel

--On den 30 april 2002 20:33 +0100 Robin Stevens
<robin.stevens@computing-services.oxford.ac.uk> wrote:

> On Tue, Nov 13, 2001 at 02:50:26PM -0800, Darren Moffat wrote:
> ["cron audit problem" errors]
>> > The solutions: edit crontab files via console only, and/or switch to
>> > OpenSSH using either PAM or /bin/login. Both of the latter will
>> > produce a properly validated session, allowing crontab editing.
>>
>> You only get the audit system setup properly when using /bin/login PAM
>> plays no part in BSM setup.
>
> Having run into similar problems myself, I'm trying to find a solution
> that does allow me to edit crontab files over ssh links.
>
> As I understand it from the various discussions of the problem produced
> upon a google search, getting rid of the auditing should cure it. I've
> disabled BSM (bsmunconv), ensured that the audit init script is not being
> run at bootup, and rebooted. Yet I'm still getting the same errors after
> editing root's crontab file over ssh links. For various reasons switching
> from ssh.com SSH to openssh isn't really an option, and any unencrypted
> remote access methods are definitely out :-)
>
> No doubt I've missed something trivial, but any advice would be much
> appreciated.
> --
> --------------- Robin Stevens <robin.stevens@oucs.ox.ac.uk>
> ----------------- Oxford University Computing Services ----------- Web:
> http://www.cynic.org.uk/ ------- (+44)(0)1865: 273212 (work) 273275 (fax)
> Mobile: 07776 235326 -------
>
>

--
Daniel Bergman
Phone: 08 - 55066265
Mobile: 070 - 289 30 39
Fax: 08 - 59827056
Email: d-b@home.se