On Tue, Sep 9, 2025, at 1:32 AM, Gert Doering wrote:
> Hi,
>
> On Mon, Sep 08, 2025 at 05:28:38PM -0400, Dan Langille wrote:
>> >> Sep 8 18:32:02 gw01 foo[38754]: pro06.int.example.org connected with IP
>> >> 10.0.0.10
> [..]
>> That's the script which produces the foo entry. I see no reason for it to
>> run as foo.
>
> According to "man logger", this is what is running under...
>
> -t tag Mark every line in the log with the specified tag rather than the
> default of current login name. Use -t tag[N] to insert specific
> decimal process id instead of id of logger.
>
> ... but it could be a double uid in /etc/passwd - so if you have set
> openvpn trun as "user bar", and foo+bar share the same uid, the reverse
> mapping done by logger ("what user am I running under?") might end up
> showing "foo".
>
> I'd add a call
>
> logger "my id: `id -a`"
>
> to see what it has to say...
That's interesting:
Sep 9 11:06:09 gw01 foo[26475]: my id: uid=0(root) gid=0(wheel)
groups=0(wheel),5(operator)
OpenVPN runs as root.
--
Dan Langille
[email protected]
_______________________________________________
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users
