Re: [Openvpn-users] auth-pam plugin and logging

Fri, 24 May 2013 02:36:12 -0700 

24.05.2013 12:22, Gert Doering пишет:
> Hi,
>
> On Fri, May 24, 2013 at 09:03:41AM +0400, Sergey Urushkin wrote:
>> we're using openvpn server with auth-pam plugin. When user fails to
>> authenticate we get the message to all terminals on the server:
>> AUTH-PAM: BACKGROUND: user 'username' failed to authenticate:
>> Authentication failure
> I assume that the auth-pam plugin is syslogging this, and someone has
> setup /etc/syslog.conf to log all "auth failed!!" messages to "*"
> ("send to all users!").
Thanks for your answer.
We have pretty default /etc/syslog.conf:
*.err;kern.warning;auth.notice;mail.crit        /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err   
/var/log/messages
local7.*                    /var/log/dhcpd.log
security.*                    /var/log/security
auth.info;authpriv.info                /var/log/auth.log
mail.info                    /var/log/maillog
lpr.info                    /var/log/lpd-errs
ftp.info                    /var/log/xferlog
cron.*                        /var/log/cron
*.=debug                    /var/log/debug.log
*.emerg                        *
!ppp
*.*                        /var/log/ppp.log
!*

But I tried to comment lines with "*" and "/dev/console", didn't help.
Ubuntu's rsyslog config is default too.

These messages appear without any timestamp/hostname, so I thought they
could be not from syslogd. Well, after killing syslogd they still appears.

Also I tried to configure pam with unexisting module and after trying to
connect, I got:
AUTH-PAM: BACKGROUND: user 'user' failed to authenticate: Module is unknown

So, any PAM error is broadcasted...


>
> gert

-- 
Best regards,
Sergey Urushkin

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to