Hi Hildegard,
On Tue, 21 Sep 2021, Hildegard Meier wrote:
> Now I have a second sftpd server in parallel, with the same user
> database and also mounts /var/data/chroot/ via NFS, and has the same
> syslog-ng config,
> so every user can login on the one server or on the other. This is for
> high availability. This works so far.
>
> What is not working now is the sftpd logging: The sftp user's log is
> only available on one sftp server exclusively, and that is the one
> where syslog-ng was started last, because as I understand it takes
> the exclusive unix socket file lock for each user's /dev/log.
>
> So, if a user logs in on the first server, where syslog-ng was started
> last, the user's sftp activity is logged on the first server.
> But if the user logs in on the second server, its sftp activity is
> not logged, neither on the second nor on the first server.

Forward the log entries on both machines to a log host. E.g.

    destination d_tcp {
        network("log_host" port(1999));
    };

Regards,
David
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
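
The forwarding suggested in the reply above, shown end to end as an added example (not part of the original message and not the poster's configuration). The source and destination names other than d_tcp, the example socket path and the file path on the log host are assumptions; it also assumes each server's syslog-ng is receiving the messages from its own sessions.

```conf
# --- On each SFTP server (sender) ---
# Assumed source name and socket path: substitute the per-user chroot
# sources already defined in the local syslog-ng config.
source s_sftp_chroot {
    unix-dgram("/var/data/chroot/exampleuser/dev/log");
};

# Destination from the reply: forward to the central log host over TCP.
destination d_tcp {
    network("log_host" port(1999));
};

log {
    source(s_sftp_chroot);
    destination(d_tcp);
};

# --- On log_host (receiver) ---
# Listen on the same port the senders forward to.
source s_sftp_net {
    network(ip("0.0.0.0") port(1999) transport("tcp"));
};

# Assumed layout: one file per sending server, so activity from both
# SFTP servers stays distinguishable in one place.
destination d_sftp_files {
    file("/var/log/sftp/${HOST}.log" create-dirs(yes));
};

log {
    source(s_sftp_net);
    destination(d_sftp_files);
};
```

Plain TCP forwarding is neither authenticated nor encrypted, so the listener on port 1999 should be reachable only from the two SFTP servers, or the link should use syslog-ng's TLS transport.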