Re: [CentOS] logging in
On 01/30/18 16:21, m.r...@5-cent.us wrote: Interesting. lastlog was always my go-to. However, at least in C6, last gets it, while lastlog does not. How odd. Did you check /var/log/secure ? last command not mentioning logged i9n users will raise very big red flag for me. I also would check for something benign, like full filesystem. And hard drive errors. But the very first thing I would do: check the integrity of your box - whichever host integrity tool you use... Good luck. Valeri mark ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos -- Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] logging in
Interesting. lastlog was always my go-to. However, at least in C6, last gets it, while lastlog does not. How odd. mark ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] logging in
Marcelo Roccasalva wrote: > On Tue, Jan 30, 2018 at 3:26 PM,wrote: >> >> This is odd. >> >> We're seeing a *lot* of >> sshd[8400]: Timeout, client not responding. > > Is it possible you are testing ssh availability from nagios, monit, or > some other software that connects to the port 22 without logging in? > Ok, I guess I wasn't clear. First, selinux is in permissive mode. Second, I, my manager, and another user have all logged into the server. Yet lastlog | grep -v Never shows only root and the years-old security account. It doesn't show any of us. mark ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] logging in
On Tue, Jan 30, 2018 at 3:26 PM,wrote: > > This is odd. > > We're seeing a *lot* of > sshd[8400]: Timeout, client not responding. Is it possible you are testing ssh availability from nagios, monit, or some other software that connects to the port 22 without logging in? -- Marcelo "¿No será acaso que esta vida moderna está teniendo más de moderna que de vida?" (Mafalda) ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] logging in
On 30 January 2018 at 13:40, Jon Pruentewrote: > On Tue, Jan 30, 2018 at 12:26 PM, wrote: > > > This is odd. > > > > We're seeing a *lot* of > > sshd[8400]: Timeout, client not responding. > > So I'm trying to find out whose client is having issues. Trying to figure > > that, after processes are gone, I tried looking in lastlog, which is > where > > it gets odd. lastlog shows root coming in, and it shows a security > account > > coming in... years ago. > > > > I see one of our users logging in a goodly number of times... but lastlog > > doesn't show him. I just logged in as myself, no password, using keys... > > and lastlog doesn't show me, or my manager, or anyone else. > > > > Does anyone have any idea why lastlog's not recording *all* logins? > > > > You can look at /var/log/audit/audit.log to see more detail than what last > shows. A nice tip is to pipe the output through another tool to convert the > timestamps to human readable date and time. > > tail -f /var/log/audit/audit.log | ausearch -i > or > tail -f /var/log/audit/audit.log | perl -pe 's/(\d+)/localtime($1)/e' > > Also check that /var/log/wtmp is set up correctly [smooge@smoogen-laptop ~]$ ls -lZ /var/log/wtmp -rw-rw-r--. root utmp system_u:object_r:wtmp_t:s0 /var/log/wtmp [smooge@smoogen-laptop ~]$ ls -l /var/log/wtmp -rw-rw-r--. 1 root utmp 116352 2018-01-30 13:55 /var/log/wtmp Sometimes wtmp gets rotated at the beginning of the year so there is usually another file like /var/log/wtmp-20180117 or something. > via > https://serverfault.com/questions/327846/convert- > selinux-log-date-format-from-epoch-to-normal > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Stephen J Smoogen. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] logging in
On Tue, Jan 30, 2018 at 12:26 PM,wrote: > This is odd. > > We're seeing a *lot* of > sshd[8400]: Timeout, client not responding. > So I'm trying to find out whose client is having issues. Trying to figure > that, after processes are gone, I tried looking in lastlog, which is where > it gets odd. lastlog shows root coming in, and it shows a security account > coming in... years ago. > > I see one of our users logging in a goodly number of times... but lastlog > doesn't show him. I just logged in as myself, no password, using keys... > and lastlog doesn't show me, or my manager, or anyone else. > > Does anyone have any idea why lastlog's not recording *all* logins? > You can look at /var/log/audit/audit.log to see more detail than what last shows. A nice tip is to pipe the output through another tool to convert the timestamps to human readable date and time. tail -f /var/log/audit/audit.log | ausearch -i or tail -f /var/log/audit/audit.log | perl -pe 's/(\d+)/localtime($1)/e' via https://serverfault.com/questions/327846/convert-selinux-log-date-format-from-epoch-to-normal ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] logging in
This is odd. We're seeing a *lot* of sshd[8400]: Timeout, client not responding. So I'm trying to find out whose client is having issues. Trying to figure that, after processes are gone, I tried looking in lastlog, which is where it gets odd. lastlog shows root coming in, and it shows a security account coming in... years ago. I see one of our users logging in a goodly number of times... but lastlog doesn't show him. I just logged in as myself, no password, using keys... and lastlog doesn't show me, or my manager, or anyone else. Does anyone have any idea why lastlog's not recording *all* logins? mark ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logging file activity
From: Jason Pyeron jpye...@pdinc.us On windows I use filemon, it tells me every file operation and its result. I have search high and low, but cannot seem to find an alternative. inotify? JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Logging file activity
On windows I use filemon, it tells me every file operation and its result. I have search high and low, but cannot seem to find an alternative. I tried the instructions from http://ubuntuforums.org/showthread.php?p=2415252#post2415252 ... echo 1 /proc/sys/vm/block_dump while true; do dmesg -c; sleep 1; done; ... But that only tells me block level info I straced the parent process and all children, but that does not always tell me the full atempted path [pid 17410] open(perfStats.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0666) = -1 EACCES (Permission denied) Any suggestions? -Jason -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] logging items to the console using centos 5.1
I need to (occasionally) automatically drop out of X11 mode, recompile something, and then reboot. I can drop out of X11 with init 3, works fine. I use chvt 1 to ensure I am on virtual terminal 1 My recompile and reboot also work. The piece that doesnt work is: make | tee $LOGFILE I was expecting the output (stdout) to be virtual terminal 1. My LOGFILE has all commands in it from my successful recompile but I dont see anything on virtual terminal 1. How do I get the output of my make to show on the console and also in my logfile? Thanks, Jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] logging items to the console using centos 5.1
On Mon, Apr 14, 2008 at 9:34 AM, Jerry Geis [EMAIL PROTECTED] wrote: How do I get the output of my make to show on the console and also in my logfile? Use script. Type script logfile.txt, it will open a new shell. After that, everything you type and the output of commands will go to the terminal and to the logfile. After that, just use exit or Ctrl-D to exit the shell, it will stop logging. For more details, man script. It's part of the util-linux rpm, so you'll certainly have it installed already. HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Logging into Windows 2003 Active Directory
I would use the official samba documentation... http://samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html#ads-member Craig Thanks everyone, all of the reco's are enough to get me started! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logging into Windows 2003 Active Directory
On Dec 18, 2007 1:45 PM, Joseph L. Casale [EMAIL PROTECTED] wrote: I have been searching the net for directions on rhel and centos 5(1) to log in to a windows domain and have found many examples, all different and none work for me. You don't say exactly what you are trying to accomplish, but I'll chime in with the solution we use. If you simply need to have your CentOS boxes be aware of AD users and authenticate against AD passwords, take a look at nss_ldap. There are lots of instructions available on the net, even some good documents from Microsoft. You can even restrict access based on OU or Group membership. If you have a Server 2003 R2 domain, the MS side is ready to go. Otherwise you will need Services For Unix 3.5 on your DCs. I find it to be a much cleaner solution than joining Linux boxes to the domain with Samba if that is not required. Better yet, if I only need authentication for services that have built-in support for LDAP such as cyrus-imapd/saslauthd or httpd, I'll use that service's built-in LDAP authentication against AD and keep the Linux side as a 'black-box'. The learning curve can be a challenge, but once you get it figured out, it's pretty slick. Jeff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Logging into Windows 2003 Active Directory
I have been searching the net for directions on rhel and centos 5(1) to log in to a windows domain and have found many examples, all different and none work for me. Is there a hint to some documentation anyone here knows of that actually works? Thanks! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logging into Windows 2003 Active Directory
On Tue, 2007-12-18 at 12:45 -0700, Joseph L. Casale wrote: I have been searching the net for directions on rhel and centos 5(1) to log in to a windows domain and have found many examples, all different and none work for me. Is there a hint to some documentation anyone here knows of that actually works? I would use the official samba documentation... http://samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html#ads-member Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logging into Windows 2003 Active Directory
Joseph L. Casale wrote: I have been searching the net for directions on rhel and centos 5(1) to log in to a windows domain and have found many examples, all different and none work for me. Is there a hint to some documentation anyone here knows of that actually works? thats a SAMBA issue, really, not a RHEL/CentOS issue, except in that RHEL/CentOS 5 has a particular version of SAMBA. it works somewhat differently in each version of samba, and yes, ADS intergration is often a major pain. Look for directions on Samba 3.0 and Active Directory. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logging into Windows 2003 Active Directory
There are really two parts to what you are trying to do. Part 1: Get the user information out of the AD LDAP schema. As I understand it, this requires modifying the Active Directory first. I haven't been able to get this to work, but don't control my active directory either. Part 2: Authenticate the user via Kerberos. This is not too bad, as long as you don't care if your desktop can't grant tickets. Two things you need to do: Modify /etc/krb5.conf: * Set the default realm to your AD Domain. e.g.: default_realm = MY.ACTIVEDIRECTORY.COM) * Define as a domain_realm your default realm. e.g.: .my.activedirectory.com = MY.ACTIVEDIRECTORY.COM * Define the realm. e.g.: MY.ACTIVEDIRECTORY.COM { kdc = dc1.my.activedirectory.com kdc = dc2.my.activedirectory.com default_domain = my.activedirectory.com admin_server = dc1.my.activedirectory.com } Modify /etc/pam.d/system-auth -- not something I understand real well, so don't treat this as definitive information. Try: authsufficient/lib/security/$ISA/pam_krb5.so use_first_pass If you use that setup, and keep the username entries in /etc/passwd consistent with the names of users in your active directory, you can require the user to present their AD password in order to login. On Dec 18, 2007 2:45 PM, Joseph L. Casale [EMAIL PROTECTED] wrote: I have been searching the net for directions on rhel and centos 5(1) to log in to a windows domain and have found many examples, all different and none work for me. Is there a hint to some documentation anyone here knows of that actually works? Thanks! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logging into Windows 2003 Active Directory
- Original Message - From: Joseph L. Casale [EMAIL PROTECTED] To: centos@centos.org centos@centos.org Sent: Wednesday, December 19, 2007 5:45:13 AM (GMT+1000) Australia/Brisbane Subject: [CentOS] Logging into Windows 2003 Active Directory I have been searching the net for directions on rhel and centos 5(1) to log in to a windows domain and have found many examples, all different and none work for me. Is there a hint to some documentation anyone here knows of that actually works? Thanks! jlc -- This message has been scanned for viruses and dangerous content by MailScanner , and is believed to be clean. Checkout this mailing list archives, I posted a rough guide that works well. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos