Re: Aw: Re: Howto log multiple sftpd instances with their chroot shared via NFS


 





On 9/24/2021 10:03 AM, Hildegard Meier wrote:
Thanks, this sounds interesting and maybe in this direction could be the solution? But I do not understand you precisely.

source s_chroot_<username> { unix-stream("/var/data/chroot/<username>/dev/hostname1/log" optional(yes) ); };
You mean there should be
/var/data/chroot/<username>/dev/hostname1/log
/var/data/chroot/<username>/dev/hostname2/log


The point is each application's syslog library will write to /dev/hostnameX/log or if running in chroot
/var/data/chroot/<username>/dev/hostnameX/log

Thus each server has its own lock for each user.


So any lock done while the application is running in chroot will lock on a different file.



(May need to add a symlink on each host /dev/log->/dev/<hostname1>/log)
You mean there should be the Symlink
/var/data/chroot/<username>/dev/log -> /var/data/chroot/<username>/dev/hostname1/log


Symlink may not be needed. I was referring to a symlink when not using the chroot.


Do the above for second server, hostname2, use /dev/<hostname2>/log

It would not be possible to have a Symlink
/var/data/chroot/<username>/dev/log -> /var/data/chroot/<username>/dev/hostname2/log

since /var/data/chroot/<username>/dev/log is already a Symlink to /var/data/chroot/<username>/dev/hostname1/log
(see first step), and it is the same NFS filesystem.



Sent: Friday, 24 September 2021 at 16:08
From: "Douglas E Engert" <deengert@xxxxxxxxx>
To: openssh-unix-dev@xxxxxxxxxxx
Subject: Re: Howto log multiple sftpd instances with their chroot shared via NFS

On 9/21/2021 4:49 AM, Hildegard Meier wrote:


How can I get the sftp user's activity to be logged on each sftp server, when a user logs in to that server, while the user's home is shared on both servers via NFS?

based on:
https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.18/administration-guide/88

This might work for a few sftp servers.
On first server, hostname1, use /dev/<hostname1>/log for all its default logging and its normal syslog-ng.conf and for the special
syslog-ng.conf:
source s_chroot_<username> { unix-stream("/var/data/chroot/<username>/dev/hostname1/log" optional(yes) ); };
(May need to add a symlink on each host /dev/log->/dev/<hostname1>/log)

Do the above for second server, hostname2, use /dev/<hostname2>/log

Then add these to the chroot directories in NFS:
/var/data/chroot/<username>/dev/<hostname1>/log
/var/data/chroot/<username>/dev/<hostname2>/log

This should cause hostname1 to lock on  /var/data/chroot/<username>/dev/<hostname1>/log
and hostname2 to lock on /var/data/chroot/<username>/dev/<hostname2>/log
because the syslog-ng does not really look at the syslog-ng.conf in the chroot.


.


--

 Douglas E. Engert  <DEEngert@xxxxxxxxx>

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
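
The per-host layout proposed in this thread, as an added example that is not part of the original messages: a shell function that creates `<base>/<username>/dev/<hostname>/` in every chroot and prints the matching `s_chroot_<username>` source stanza for the host it runs on. The function name, the directory mode and the name validation are assumptions; the script only builds the layout and does not settle whether the sftp-server's syslog calls end up on that socket.

```shell
#!/bin/sh
# Added example (not from the thread): build the per-host socket directories
# and emit one syslog-ng source per chrooted user for THIS host only.
# Layout from the thread: <base>/<username>/dev/<hostname>/log

gen_chroot_sources() {
    base=${1%/}   # chroot parent, e.g. /var/data/chroot
    host=$2       # this server's name, e.g. hostname1

    # Assumption: host and user names are limited to a conservative character
    # set, because they are written verbatim into syslog-ng configuration.
    case $host in
        ''|.*|*[!A-Za-z0-9_.-]*) echo "invalid host name: $host" >&2; return 1 ;;
    esac

    for home in "$base"/*/; do
        [ -d "$home" ] || continue          # also covers an unmatched glob
        user=$(basename "$home")
        case $user in
            *[!A-Za-z0-9_]*) echo "skipping chroot '$user'" >&2; continue ;;
        esac

        # One directory per server inside the shared chroot, so each server's
        # syslog-ng owns a different socket path on the same NFS filesystem.
        mkdir -p "$base/$user/dev/$host" || return 1
        chmod 755 "$base/$user/dev/$host"   # mode is an assumption

        printf 'source s_chroot_%s { unix-stream("%s/%s/dev/%s/log" optional(yes) ); };\n' \
            "$user" "$base" "$user" "$host"
    done
}

# Usage on each server (output file path is an assumption):
#   gen_chroot_sources /var/data/chroot "$(hostname -s)" > /etc/syslog-ng/conf.d/sftp-chroots.conf
```

Run on hostname1 and hostname2 in turn, each server gets stanzas that reference only its own `dev/<hostname>/log` path, while both directories exist side by side in the NFS-shared chroot.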


