Aw: Re: Howto log multiple sftpd instances with their chroot shared via NFS

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Thanks, this sounds like the solution could be in this direction.
I think, the sftpd process should just not write to the /dev/log unix socket (because this leads to the problem here), but to the local kernel directly, something like what you describe here.

But how could I do this concrete with Ubuntu Linux? What you write is rather abstract and I am not so expert that I understand what you mean with LD_PRELOAD wrapper.

Unfortunately, I could not change our sftp server to OpenBSD operating system since we would not have the capacity to maintain this one special operating system. We maintain our 350 Ubuntu Linux servers with already established processes.



> This is amongst the reasons why OpenBSD has the sendsyslog(2) syscall,
> https://man.openbsd.org/sendsyslog.2 - the syslog daemon opens a
> kernel socket to receive those messages, and processes which want to
> write a log entry just call the standard syslog functions which use
> sendsyslog(2) rather than /dev/log, so it works even through FD
> exhaustion, in chroot, and with syscall filters that prohibit
> filesystem access.
>
> Not entirely pleasant but I suppose it could alternatively be done by
> using a LD_PRELOAD wrapper to override syslog functions (I think just
> syslog_r is probably enough for openssh) and have them send over a
> network socket instead.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux