diff options
| author | Mattias Andrée <maandree@operamail.com> | 2014-10-30 12:52:12 +0100 |
|---|---|---|
| committer | Mattias Andrée <maandree@operamail.com> | 2014-10-30 12:52:12 +0100 |
| commit | cdc00a3b731673880b40e11d3635983d4163c109 (patch) | |
| tree | 373f5f267489f134e134803a7c285fd697a911ec | |
| parent | add manual (diff) | |
| download | cerberus-logging-cdc00a3b731673880b40e11d3635983d4163c109.tar.gz cerberus-logging-cdc00a3b731673880b40e11d3635983d4163c109.tar.bz2 cerberus-logging-cdc00a3b731673880b40e11d3635983d4163c109.tar.xz | |
typo + whitespace + log failed login attempts with syslog1414669981
Signed-off-by: Mattias Andrée <maandree@operamail.com>
| -rw-r--r-- | info/cerberus-logging.texinfo | 4 | ||||
| -rw-r--r-- | src/log-login-audit.c | 2 | ||||
| -rw-r--r-- | src/log-login-syslog.c | 35 | ||||
| -rwxr-xr-x | src/logging | 3 |
4 files changed, 29 insertions, 15 deletions
diff --git a/info/cerberus-logging.texinfo b/info/cerberus-logging.texinfo index 68cec12..2ae515b 100644 --- a/info/cerberus-logging.texinfo +++ b/info/cerberus-logging.texinfo @@ -83,11 +83,11 @@ Log failed login attempt with the btmp system. @item log-login-utmp Log successful login with the utmp/wtmp system. @item log-login-audit -Log successful or failed login attemp with the audit system. +Log successful or failed login attempt with the audit system. @item log-login-lastlog Log successful login with the lastlog system. @item log-login-syslog -Log successful login with syslog. +Log successful or failed login attempt with syslog. @end table Upon a successful login, before the login takes place, diff --git a/src/log-login-audit.c b/src/log-login-audit.c index 2ddda77..67eae3f 100644 --- a/src/log-login-audit.c +++ b/src/log-login-audit.c @@ -28,7 +28,7 @@ int do_log(void) if ((!streq(action, "failed")) && (!streq(action, "login"))) return 0; - + status = streq(action, "login"); if (pwd = getpwnam(username), pwd == NULL) return -1; diff --git a/src/log-login-syslog.c b/src/log-login-syslog.c index c89c629..1c8567b 100644 --- a/src/log-login-syslog.c +++ b/src/log-login-syslog.c @@ -27,23 +27,36 @@ int do_log(void) struct passwd* pwd; const char* prefix; const char* affix; + int status; - if (!streq(action, "login")) + if ((!streq(action, "failed")) && (!streq(action, "login"))) return 0; + status = streq(action, "login"); + if (pwd = getpwnam(username), pwd == NULL) return -1; openlog("log-login-syslog", LOG_ODELAY, LOG_AUTHPRIV); - - if (strstr(ttyname, "ttyS") == ttyname) - syslog(LOG_INFO, "DIALUP AT %s BY %s", ttyname, username); - - prefix = pwd->pw_uid ? "" : "ROOT "; - affix = hostname ? " FROM " : ""; - hostname = hostname ? hostname : empty; - - syslog(pwd->pw_uid ? LOG_INFO : LOG_NOTICE, "%sLOGIN ON %s BY %s%s%s", - prefix, ttyname, username, affix, hostname); + + if (status) + { + if (strstr(ttyname, "ttyS") == ttyname) + syslog(LOG_INFO, "DIALUP AT %s BY %s", ttyname, username); + + prefix = pwd->pw_uid ? "" : "ROOT "; + affix = hostname ? " FROM " : ""; + hostname = hostname ? hostname : empty; + + syslog(pwd->pw_uid ? LOG_INFO : LOG_NOTICE, "%sLOGIN ON %s BY %s%s%s", + prefix, ttyname, username, affix, hostname); + } + else + { + affix = hostname ? " FROM " : ""; + + syslog(LOG_NOTICE, "FAILED LOGIN SESSION%s%s FOR %s ON %s", + affix, hostname, username, ttyname); + } closelog(); return 0; diff --git a/src/logging b/src/logging index c1ca78e..63287d5 100755 --- a/src/logging +++ b/src/logging @@ -104,12 +104,13 @@ log_denied () { try log-login-btmp "$@" try log-login-audit "$@" + try log-login-syslog "$@" } # Figure out the actionname action="${hook}" if [ "${hook}" = denied ]; then - action=fail + action=failed fi # Preprend options to values |