Re: [CentOS] logging in

2018-01-30 Thread Valeri Galtsev 



On 01/30/18 16:21, m.r...@5-cent.us wrote:

Interesting. lastlog was always my go-to. However, at least in C6, last
gets it, while lastlog does not.

How odd.


Did you check /var/log/secure ?

last

command not mentioning logged i9n users will raise very big red flag for 
me. I also would check for something benign, like full filesystem. And 
hard drive errors. But the very first thing I would do: check the 
integrity of your box - whichever host integrity tool you use...


Good luck.

Valeri



  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos



--

Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] logging in

2018-01-30 Thread m . roth 
Interesting. lastlog was always my go-to. However, at least in C6, last
gets it, while lastlog does not.

How odd.

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] logging in

2018-01-30 Thread m . roth 
Marcelo Roccasalva wrote:
> On Tue, Jan 30, 2018 at 3:26 PM,  wrote:
>>
>> This is odd.
>>
>> We're seeing a *lot* of
>> sshd[8400]: Timeout, client not responding.
>
> Is it possible you are testing ssh availability from nagios, monit, or
> some other software that connects to the port 22 without logging in?
>
Ok, I guess I wasn't clear. First, selinux is in permissive mode. Second,
I, my manager, and another user have all logged into the server. Yet
lastlog | grep -v Never shows only root and the years-old security
account. It doesn't show any of us.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] logging in

2018-01-30 Thread Marcelo Roccasalva 
On Tue, Jan 30, 2018 at 3:26 PM,  wrote:
>
> This is odd.
>
> We're seeing a *lot* of
> sshd[8400]: Timeout, client not responding.

Is it possible you are testing ssh availability from nagios, monit, or
some other software that connects to the port 22 without logging in?

--
Marcelo

"¿No será acaso que esta vida moderna está teniendo más de moderna que de
vida?" (Mafalda)
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] logging in

2018-01-30 Thread Stephen John Smoogen 
On 30 January 2018 at 13:40, Jon Pruente  wrote:

> On Tue, Jan 30, 2018 at 12:26 PM,  wrote:
>
> > This is odd.
> >
> > We're seeing a *lot* of
> > sshd[8400]: Timeout, client not responding.
> > So I'm trying to find out whose client is having issues. Trying to figure
> > that, after processes are gone, I tried looking in lastlog, which is
> where
> > it gets odd. lastlog shows root coming in, and it shows a security
> account
> > coming in... years ago.
> >
> > I see one of our users logging in a goodly number of times... but lastlog
> > doesn't show him. I just logged in as myself, no password, using keys...
> > and lastlog doesn't show me, or my manager, or anyone else.
> >
> > Does anyone have any idea why lastlog's not recording *all* logins?
> >
>
> You can look at /var/log/audit/audit.log to see more detail than what last
> shows. A nice tip is to pipe the output through another tool to convert the
> timestamps to human readable date and time.
>
> tail -f /var/log/audit/audit.log | ausearch -i
> or
> tail -f /var/log/audit/audit.log | perl -pe 's/(\d+)/localtime($1)/e'
>
>
Also check that /var/log/wtmp is set up correctly

[smooge@smoogen-laptop ~]$ ls -lZ /var/log/wtmp
-rw-rw-r--. root utmp system_u:object_r:wtmp_t:s0  /var/log/wtmp
[smooge@smoogen-laptop ~]$ ls -l /var/log/wtmp
-rw-rw-r--. 1 root utmp 116352 2018-01-30 13:55 /var/log/wtmp

Sometimes wtmp gets rotated at the beginning of the year so there is
usually another file like
/var/log/wtmp-20180117 or something.


> via
> https://serverfault.com/questions/327846/convert-
> selinux-log-date-format-from-epoch-to-normal
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] logging in

2018-01-30 Thread Jon Pruente 
On Tue, Jan 30, 2018 at 12:26 PM,  wrote:

> This is odd.
>
> We're seeing a *lot* of
> sshd[8400]: Timeout, client not responding.
> So I'm trying to find out whose client is having issues. Trying to figure
> that, after processes are gone, I tried looking in lastlog, which is where
> it gets odd. lastlog shows root coming in, and it shows a security account
> coming in... years ago.
>
> I see one of our users logging in a goodly number of times... but lastlog
> doesn't show him. I just logged in as myself, no password, using keys...
> and lastlog doesn't show me, or my manager, or anyone else.
>
> Does anyone have any idea why lastlog's not recording *all* logins?
>

You can look at /var/log/audit/audit.log to see more detail than what last
shows. A nice tip is to pipe the output through another tool to convert the
timestamps to human readable date and time.

tail -f /var/log/audit/audit.log | ausearch -i
or
tail -f /var/log/audit/audit.log | perl -pe 's/(\d+)/localtime($1)/e'

via
https://serverfault.com/questions/327846/convert-selinux-log-date-format-from-epoch-to-normal
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] logging in

2018-01-30 Thread m . roth 
This is odd.

We're seeing a *lot* of
sshd[8400]: Timeout, client not responding.
So I'm trying to find out whose client is having issues. Trying to figure
that, after processes are gone, I tried looking in lastlog, which is where
it gets odd. lastlog shows root coming in, and it shows a security account
coming in... years ago.

I see one of our users logging in a goodly number of times... but lastlog
doesn't show him. I just logged in as myself, no password, using keys...
and lastlog doesn't show me, or my manager, or anyone else.

Does anyone have any idea why lastlog's not recording *all* logins?

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logging file activity

2012-05-11 Thread John Doe 
From: Jason Pyeron jpye...@pdinc.us

 On windows I use filemon, it tells me every file operation and its result. I
 have search high and low, but cannot seem to find an alternative.

inotify?

JD
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Logging file activity

2012-05-10 Thread Jason Pyeron 
On windows I use filemon, it tells me every file operation and its result. I
have search high and low, but cannot seem to find an alternative.

I tried the instructions from
http://ubuntuforums.org/showthread.php?p=2415252#post2415252

...
echo 1  /proc/sys/vm/block_dump
while true; do dmesg -c; sleep 1; done;
...

But that only tells me block level info

I straced the parent process and all children, but that does not always tell me
the full atempted path

[pid 17410] open(perfStats.log, O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0666) =
-1 EACCES (Permission denied)

Any suggestions?

-Jason

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-   -
- Jason Pyeron  PD Inc. http://www.pdinc.us -
- Principal Consultant  10 West 24th Street #100-
- +1 (443) 269-1555 x333Baltimore, Maryland 21218   -
-   -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] logging items to the console using centos 5.1

2008-04-14 Thread Jerry Geis 

I need to (occasionally) automatically drop out of X11 mode,
recompile something, and then reboot.

I can drop out of X11 with init 3, works fine.
I use chvt 1 to ensure I am on virtual terminal 1
My recompile and reboot also work.

The piece that doesnt work is:


make | tee $LOGFILE

I was expecting the output (stdout) to be virtual terminal 1.
My LOGFILE has all commands in it from my successful recompile but I 
dont see anything on virtual terminal 1.


How do I get the output of my make to show on the console and also in my 
logfile?


Thanks,

Jerry
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] logging items to the console using centos 5.1

2008-04-14 Thread Filipe Brandenburger 
On Mon, Apr 14, 2008 at 9:34 AM, Jerry Geis [EMAIL PROTECTED] wrote:
  How do I get the output of my make to show on the console and also in my
 logfile?

Use script. Type script logfile.txt, it will open a new shell.
After that, everything you type and the output of commands will go to
the terminal and to the logfile. After that, just use exit or Ctrl-D
to exit the shell, it will stop logging. For more details, man
script. It's part of the util-linux rpm, so you'll certainly have it
installed already.

HTH,
Filipe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Logging into Windows 2003 Active Directory

2007-12-19 Thread Joseph L. Casale 
I would use the official samba documentation...

http://samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html#ads-member

Craig

Thanks everyone, all of the reco's are enough to get me started!
jlc
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logging into Windows 2003 Active Directory

2007-12-19 Thread Jeff Larsen 
On Dec 18, 2007 1:45 PM, Joseph L. Casale [EMAIL PROTECTED] wrote:
 I have been searching the net for directions on rhel and centos 5(1) to log
 in to a windows domain and have found many examples, all different and none
 work for me.

You don't say exactly what you are trying to accomplish, but I'll
chime in with the solution we use. If you simply need to have your
CentOS boxes be aware of AD users and authenticate against AD
passwords, take a look at nss_ldap. There are lots of instructions
available on the net, even some good documents from Microsoft. You can
even restrict access based on OU or Group membership. If you have a
Server 2003 R2 domain, the MS side is ready to go. Otherwise you will
need Services For Unix 3.5 on your DCs.

I find it to be a much cleaner solution than joining Linux boxes to
the domain with Samba if that is not required. Better yet, if I only
need authentication for services that have built-in support for LDAP
such as cyrus-imapd/saslauthd or httpd, I'll use that service's
built-in LDAP authentication against AD and keep the Linux side as a
'black-box'.

The learning curve can be a challenge, but once you get it figured
out, it's pretty slick.

Jeff
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Logging into Windows 2003 Active Directory

2007-12-18 Thread Joseph L. Casale 
I have been searching the net for directions on rhel and centos 5(1) to log in 
to a windows domain and have found many examples, all different and none work 
for me.
Is there a hint to some documentation anyone here knows of that actually works?

Thanks!
jlc
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logging into Windows 2003 Active Directory

2007-12-18 Thread Craig White 

On Tue, 2007-12-18 at 12:45 -0700, Joseph L. Casale wrote:
 I have been searching the net for directions on rhel and centos 5(1)
 to log in to a windows domain and have found many examples, all
 different and none work for me.
 
 Is there a hint to some documentation anyone here knows of that
 actually works?

I would use the official samba documentation...

http://samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html#ads-member

Craig

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logging into Windows 2003 Active Directory

2007-12-18 Thread John R Pierce 

Joseph L. Casale wrote:


I have been searching the net for directions on rhel and centos 5(1) 
to log in to a windows domain and have found many examples, all 
different and none work for me.


Is there a hint to some documentation anyone here knows of that 
actually works?


 




thats a SAMBA issue, really, not a RHEL/CentOS issue, except in that 
RHEL/CentOS 5 has a particular version of SAMBA.   it works somewhat 
differently in each version of samba, and yes, ADS intergration is often 
a major pain. Look for directions on Samba 3.0 and Active Directory.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logging into Windows 2003 Active Directory

2007-12-18 Thread Michael Semcheski 
There are really two parts to what you are trying to do.

Part 1: Get the user information out of the AD LDAP schema.  As I
understand it, this requires modifying the Active Directory first.  I
haven't been able to get this to work, but don't control my active
directory either.

Part 2: Authenticate the user via Kerberos.  This is not too bad, as
long as you don't care if your desktop can't grant tickets.  Two
things you need to do:
Modify /etc/krb5.conf:
* Set the default realm to your AD Domain.
 e.g.: default_realm = MY.ACTIVEDIRECTORY.COM)
* Define as a domain_realm your default realm.
 e.g.: .my.activedirectory.com = MY.ACTIVEDIRECTORY.COM
* Define the realm.
 e.g.: MY.ACTIVEDIRECTORY.COM
{
  kdc = dc1.my.activedirectory.com
  kdc = dc2.my.activedirectory.com
  default_domain = my.activedirectory.com
  admin_server = dc1.my.activedirectory.com
}

Modify /etc/pam.d/system-auth -- not something I understand real well,
so don't treat this as definitive information.  Try:
authsufficient/lib/security/$ISA/pam_krb5.so use_first_pass

If you use that setup, and keep the username entries in /etc/passwd
consistent with the names of users in your active directory, you can
require the user to present their AD password in order to login.

On Dec 18, 2007 2:45 PM, Joseph L. Casale [EMAIL PROTECTED] wrote:




 I have been searching the net for directions on rhel and centos 5(1) to log
 in to a windows domain and have found many examples, all different and none
 work for me.

 Is there a hint to some documentation anyone here knows of that actually
 works?



 Thanks!
  jlc
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logging into Windows 2003 Active Directory

2007-12-18 Thread [EMAIL PROTECTED] 

- Original Message - 
From: Joseph L. Casale [EMAIL PROTECTED] 
To: centos@centos.org centos@centos.org 
Sent: Wednesday, December 19, 2007 5:45:13 AM (GMT+1000) Australia/Brisbane 
Subject: [CentOS] Logging into Windows 2003 Active Directory 





I have been searching the net for directions on rhel and centos 5(1) to log in 
to a windows domain and have found many examples, all different and none work 
for me. 

Is there a hint to some documentation anyone here knows of that actually works? 



Thanks! 
jlc 
-- 
This message has been scanned for viruses and 
dangerous content by MailScanner , and is 
believed to be clean. 


Checkout this mailing list archives, I posted a rough guide that works well. 

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos