On Mar 20, 2008, at 1:08 PM, René Berber wrote:
> Luke Brannon wrote:
>
>> New to denyhosts (and python for that matter) here and was looking
>> through the archives for any info on getting denyhosts running in
>> daemon mode on Mac OS 10.5 Server. I haven't seen anything specific
>> to 10.5 and I can't seem to get it up and running.
>
> OK.
>
>> Off the bat, there is no longer a /var/log/asl.log in 10.5, it's been
>> replaced with a .db file => /var/log/asl.db that is binary. It looks
>> like sshd is still logging to /var/log/secure.log however and I've
>> adjusted my cfg file accordingly.
>
> Just make sure that the format of the messages is usable. What does
> that mean? DenyHosts (DH) expects a certain syntax, the message should
> contain IP and optionally user name. DH can be configured to use just
> about any message form, but you may have to do a custom configuration
> for your system.
The asl log is now a database. From what I've gathered so far, you
can read it using the syslog command: syslog -k Sender sshd
/var/log/secure.log may be a better choice to monitor as even Apple's
System Admin tools point you there rather than the asl.db.
>
>
>> When I attempt to launch denyhosts using the daemon-control script I
>> get the following output before it exits abnormally:
>>
>> ###########
>>
>> sh-3.2# ./daemon-control start
>> starting DenyHosts: /usr/bin/env python /usr/bin/denyhosts.py --
>> daemon --config=/usr/share/denyhosts/denyhosts.cfg
>> Traceback (most recent call last):
>> File "/usr/bin/denyhosts.py", line 164, in <module>
>> first_time, noemail, daemon)
>> File "/Library/Python/2.5/site-packages/DenyHosts/deny_hosts.py",
>> line 60, in __init__
>> self.init_regex()
>> File "/Library/Python/2.5/site-packages/DenyHosts/deny_hosts.py",
>> line 490, in init_regex
>> self.__sshd_format_regex = self.get_regex('SSHD_FORMAT_REGEX',
>> SSHD_FORMAT_REGEX)
>> File "/Library/Python/2.5/site-packages/DenyHosts/deny_hosts.py",
>> line 486, in get_regex
>> return re.compile(val)
>> File "/System/Library/Frameworks/Python.framework/Versions/2.5/lib/
>> python2.5/re.py", line 180, in compile
>> return _compile(pattern, flags)
>> File "/System/Library/Frameworks/Python.framework/Versions/2.5/lib/
>> python2.5/re.py", line 233, in _compile
>> raise error, v # invalid expression
>> error: unknown specifier: ?P&
>>
>> ###########
>>
>>
>> I take it that the line 164 error means I haven't configured the mail
>> configuration properly, but I'm not sure what the other lines are
>> saying...
>
> No, you are reading the messages wrong. Look at the part that says
> "most recent call last", the last line is the important one, mail
> configuration has nothing to do with the problem.
>
> It's not easy to follow those messages, but it is complaining about
> something in regex.py, which has "SSHD_FORMAT_REGEX =
> re.compile(r""".*
> (sshd.*:|\[sshd\]) (?P<message>.*)""")" and that is not an error,
> something is wrong with your installation.
>
> Does the "?P&" appear anywhere in your DH's files? It's not on
> original
> files. I'm looking at the error message and I don't see how
> "(?P<message>.*)" turned into "?P&", that is strange.
I was alerted by another list member that 10.5 does not require the
custom SSHD_FORMAT_REGEX configuration. Removing this line from the
configuration cleared up all the errors.
Thank you for the response, it was very helpful.
I'll take a look at using launchd to start the denyhost daemon and
post my findings.
Regards,
Luke
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
