Re: adminlog
From: Darren J Moffat (Darren.Moffat@Sun.COM)
Date: 01/17/03
- Previous message: Wilfred Spiegelenburg: "RE: adminlog"
- In reply to: Ali Ernalbant: "adminlog"
- Next in thread: Joe Kattner: "Re: adminlog"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 17 Jan 2003 13:00:24 -0800 (PST) From: Darren J Moffat <Darren.Moffat@Sun.COM> To: Ali Ernalbant <ernalbant@uekae.uekae.tubitak.gov.tr>
On Wed, 15 Jan 2003, Ali Ernalbant wrote:
> I created `/var/adm/loginlog` as root to capture failed logins with
> permission 600. (Solaris 9)
> I changed group owner to `sys`. However when I try to make failed login
> attempts, I can not get any log
> into `/var/adm/loginlog`.
> Can anyone help me about this?
Only /bin/login uses /var/adm/loginlog. It only adds entries to that
log after RETRIES failed attempts. RETRIES is set in /etc/default/login
and is 5 by default.
If you are interested in failed login attempts I strongly suggest you
use BSM audit instead. See bsmconv(1m) for details, you need only setup
the audit class lo. The attach document shows you all you need to get
started.
-- Darren J Moffat
- TEXT/PLAIN attachment: failed_logins
- Next message: Joe Kattner: "Re: adminlog"
- Previous message: Wilfred Spiegelenburg: "RE: adminlog"
- In reply to: Ali Ernalbant: "adminlog"
- Next in thread: Joe Kattner: "Re: adminlog"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
