Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Login auditing under NIS

0 views
Skip to first unread message

Steve LeClaire

unread,
Feb 17, 1999, 3:00:00 AM2/17/99
to
Is there a way to audit user logins from a ypserver?


Hal Jackson

unread,
Feb 17, 1999, 3:00:00 AM2/17/99
to
Steve LeClaire wrote:
>
> Is there a way to audit user logins from a ypserver?

I thought this would be better done at the local machine's level.
My understanding is that NIS would be used for the getpwent() call
during the login process. Password file lookups occur all the time
(as in "ls -l " to display the file/directory ownerships).

The audit software in IRIX could probably do this, or simply parsing
SYSLOG output (which would be easier in my opinion).

--
Harold W. Jackson
System Administrator
Computer Sciences Corp. (CSC)

Phone: 757.864.6564
Email: h.w.j...@larc.nasa.gov

Robb Cadzow

unread,
Feb 18, 1999, 3:00:00 AM2/18/99
to
Try adding this to your /etc/syslog.conf file

auth.debug /var/adm/authlog

this will log all authoriztion to /var/adm/authlog. You can call the log
file whatever you wish, in my case its authlog. I do, however setup all
clients to report authoriztion logging back to my NIS master server,
which is also my personal machine. In addition to the log file you can
specify a local hostname and transfer auth logs to that macine


so for instance on a client you can do

auth.debug @NIS_server_hostname

beware syslog.conf is always TAB deliminted, no spaces!

you can actually have syslog log both to a local and to a remote
"logger"


Hal Jackson wrote:

--
###########################
#Robb Cadzow #
#Hollywood Digital/Todd AO#
#6690 Sunset Blvd #
#Hollywood, CA 90028 #
#http://www.hollydig.com #
#rca...@hollydig.com #
###########################


0 new messages