1 files changed, 114 insertions, 0 deletions

diff --git a/info/cerberus-logging.texinfo b/info/cerberus-logging.texinfo
new file mode 100644
index 0000000..68cec12
--- /dev/null
+++ b/info/cerberus-logging.texinfo
@@ -0,0 +1,114 @@
+\input texinfo   @c -*-texinfo-*-
+
+@c %**start of header
+@setfilename cerberus-logging.info
+@settitle cerberus-logging
+@afourpaper
+@documentencoding UTF-8
+@documentlanguage en
+@finalout
+@c %**end of header
+
+
+@dircategory Security
+@direntry
+* cerberus-logging: (cerberus-logging).     Logging extension for cerberus.
+@end direntry
+
+
+@copying
+Copyright @copyright{} 2014 Mattias Andrée
+
+@quotation
+Permission is granted to copy, distribute and/or modify this document
+under the terms of the GNU Free Documentation License, Version 1.3 or
+any later version published by the Free Software Foundation; with no
+Invariant Sections, with no Front-Cover Texts, and with no Back-Cover
+Texts. A copy of the license is included in the section entitled
+``GNU Free Documentation License''.
+@end quotation
+@end copying
+
+@ifnottex
+@node Top
+@top cerberus-logging -- Logging extension for cerberus
+@insertcopying
+@end ifnottex
+
+@titlepage
+@title cerberus-logging
+@subtitle Logging extension for cerberus
+@author by Mattias Andrée (maandree)
+
+@page
+@vskip 0pt plus 1filll
+@insertcopying
+@end titlepage
+
+@contents
+
+
+
+@menu
+* Overview::                        Brief overview of @command{cerberus-logging}.
+* GNU Free Documentation License::  Copying and sharing this manual.
+@end menu
+
+
+
+@node Overview
+@chapter Overview
+
+@command{cerberus-logging} is extension set to @command{cerberus}
+for logging logins, logouts (possible but not implemented) and
+failed login attempts. The only restrict @command{cerberus-logging}
+has is that it cannot log what passphrase the user entered; this
+is because @command{cerberus} does not provide that information.
+
+The @command{cerberus-logging} package includes a shell script
+named @file{logging} stored in @file{/usr/share/cerberus-logging}.
+If you want to use this extension to @command{cerberus} either
+link to it from @file{/etc/cerberusrc}@footnote{
+@command{sudo ln -s /usr/share/cerberus-logging/logging /etc/cerberusrc}},
+or from @file{/etc/cerberusrc} run
+@command{env LOGIN_PID=$PPID /usr/share/cerberus-logging/logging}.
+
+@command{cerberus-logging} includes five commands, all of which
+are optional. These commands are used for logging events with
+different logging systems.
+
+@table @command
+@item log-login-btmp
+Log failed login attempt with the btmp system.
+@item log-login-utmp
+Log successful login with the utmp/wtmp system.
+@item log-login-audit
+Log successful or failed login attemp with the audit system.
+@item log-login-lastlog
+Log successful login with the lastlog system.
+@item log-login-syslog
+Log successful login with syslog.
+@end table
+
+Upon a successful login, before the login takes place,
+@command{cerberus-logging} will run the user's
+@file{~/.prelogin}, as the user, if that file exists
+and is executable by both root and the user. This can
+be used for printing information about the last login,
+which can be done by adding the following shell
+sequence to @file{~/.prelogin} and make it executable
+by everyone (that can access your home directory, that
+is, just you and root):
+
+@example
+echo 'Last login:' ; lastlog --user $USER | tail -n 1
+@end example
+
+
+
+@node GNU Free Documentation License
+@appendix GNU Free Documentation License
+@include fdl.texinfo
+
+@bye
+