Aw: Re: Howto log multiple sftpd instances with their chroot shared via NFS

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

Thanks, this sounds interesting and maybe in this direction could be the solution? But I do not understand you precisely.

> source s_chroot_<username> { unix-stream("/var/data/chroot/<username>/dev/hostname1/log" optional(yes) ); };
You mean there should be
/var/data/chroot/<username>/dev/hostname1/log
/var/data/chroot/<username>/dev/hostname2/log

?

> (May need to add a symlink on each host /dev/log->/dev/<hostname1>/log)
You mean there should be the Symlink
/var/data/chroot/<username>/dev/log -> /var/data/chroot/<username>/dev/hostname1/log

?

> Do the above for second server, hostname2, use /dev/<hostname2>/log

It would not be possible to have a Symlink
/var/data/chroot/<username>/dev/log -> /var/data/chroot/<username>/dev/hostname2/log

since /var/data/chroot/<username>/dev/log is already a Symlink to /var/data/chroot/<username>/dev/hostname1/log
(see first step), and it is the same NFS filesystem.



> Gesendet: Freitag, 24. September 2021 um 16:08 Uhr
> Von: "Douglas E Engert" <deengert@xxxxxxxxx>
> An: openssh-unix-dev@xxxxxxxxxxx
> Betreff: Re: Howto log multiple sftpd instances with their chroot shared via NFS
>
> On 9/21/2021 4:49 AM, Hildegard Meier wrote:
>
> >
> > How can I get the sftp user's activity be logged on each sftp server, when a user logs in to that server, while the user's home is shared on both servers via NFS?
>
> based on:
> https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.18/administration-guide/88
>
> This might work for a few sftp servers.
> On first server, hostname1, use /dev/<hostname1>/log for all its default logging and its normal syslog-ng.conf and for the special
> syslog-ng.conf:
> source s_chroot_<username> { unix-stream("/var/data/chroot/<username>/dev/hostname1/log" optional(yes) ); };
> (May need to add a symlink on each host /dev/log->/dev/<hostname1>/log)
>
> Do the above for second server, hostname2, use /dev/<hostname2>/log
>
> Then add these to the chroot directories in NFS:
> /var/data/chroot/<username>/dev/<hostname1>/log
> /var/data/chroot/<username>/dev/<hostname2>/log
>
> This should cause hostname1 to lock on  /var/data/chroot/<username>/dev/<hostname1>/log
> and hostname 2 to lock on /var/data/chroot/<username>/dev/<hostname2>/log
> because the syslog-ng does not really look at the syslog-ng.conf in the chroot.
>

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux