Hi all,
I tried enabling the saslauthd debug flags (-d -n 0) and
saslauthd is properly logging debug info but is NOT including the
remotehost info. My saslauthd debug log looks like:
saslauthd[6655] :do_auth : auth failure: [user=bleh]
[service=smtp] [realm=] [mech=pam] [reason=PAM auth error]
saslauthd[6655] :do_auth : auth success: [user=yay]
[service=smtp] [realm=] [mech=pam]
The [remote=] field isn't showing up at all. How can I get
saslauthd to log the remote IP when debugging is turned on? Is there
some other setting I need to enable, or is saslauthd simply not
compiled correctly?
(I'm using saslauthd 2.1.22, part of the cyrus-sasl 2.1.22
RPM for CentOS 5.)
Lorenzo, RHEL won't commit your previous patch because they
claim it breaks the testsaslauthd utility, along with some other
things. Any chance you can update that so they might be willing to
commit it?
Thanks!
--- Amir
---- Original Message ----
Hi Sean,
I'm digging through some old emails since I'm trying to
finally get this stuff to work. RH seems to be making a little
progress in implementing Lorenzo's patch to get saslauthd to log
rhost via PAM, but I'm curious about your suggestion here... what
did you mean by changing the syslog to a different device, and
getting sasl to log the info? Would this require not using pam
anymore? I'm not all that familiar with the guts of sasl, pam, etc.
so additional details would be helpful.
Thanks.
--- Amir
At 3:18 PM -0400 05/23/2011, omalleys@xxxxxxx wrote:
Quoting Amir 'CG' Caspi <cepheid@xxxxxxxxxx>:
Of course, the rhost really is the most important piece
anyway, since that's what I need for firewalling. I can live
without the bad username, since apparently it's not logged anyway
even with other services.
in the saslauthd code, I think there is a section that allows
-sasl- to log the information you want. It would probably be easier
to modify it there.
IE remove the debug flag requirement and change the syslog to the
device you want.
