I have switched back to syslog for the purposes of getting this issue resolved, as it currently takes precidence over any other issues on the machine. Once this is resolved I will try to implement changes with metalog.
I currently have sftp-server messages being logged to /var/log/syslog for non-chrooted users. This allows me to see their actions while in an sftp session, which is exactly what I want. However, once a chrooted user logs in, logging terminates after control is passed from rssh to sftp-server. After looking at the file CHROOT which was mentioned, it seemed to make sense that logging is not taking place because, after chrooting, the system no longer has access to the /dev/log fifo. So, following the recommendations in the readme, I started syslogd with a parameter pointing it to /mount/point/dev/log, with no change. I then tried manually creating a fifo using mknod -p. Still, no effect. Either I am missing something terrribly obvious here, or there is something which is not being taken in to consideration. If anybody has logging working correctly WITHIN theiir chroot environment (using syslog, or any other logging system), could you please offer some assistance and perhaps post relevant parts of your logger config file? I would greatly appreciate the help. Relevant info: Syslog started with command:/usr/sbin/syslogd -a /server/server/dev/log server2k dev # ls -lt /server/server/dev | grep log prw-rw-rw- 1 root root 0 Apr 21 23:01 log Sftp-server configuration line in sshd_config: Subsystem sftp /usr/lib/misc/sftp-server -l INFO -f USER An entry I made in syslog.conf in an attempt to catch and redirectsftp-server messages, which apparantly didn't do much: sftp-server.* /var/log/sftpd/current -----Original Message----- From: Derek Martin [mailto:[EMAIL PROTECTED] Sent: Saturday, April 21, 2007 1:44 PM To: Marc Racette Cc: [email protected] Subject: Re: RSSH logging On Sat, Apr 21, 2007 at 12:31:31PM -0400, Marc Racette wrote: > Hi Derek, > > Thanks for the reply. I did look extensively through the > documentation files that came with my installation of RSSH, and I also > checked the website FAQ before I sent out this email, but I wasn't > able to find anything relating to logging or setting up the jail to > make sure logging is set up appropriately. Could you please point me > in the right direction as to where to look for this information? Look at the file CHROOT in the source tarball, or in your distribution's documentation directory if you're using a package. Search for "log" in the file, and you'll no doubt find what you're looking for. There's an entire section on logging in this file... > A bit more information about my setup: > > The sftp subsystem is set up to log to /var/log/sftpd. The logging > ssystem im using is metalog. I don't know about Metalog, but the same basic principles ought to apply to that as to syslog. Logs are probably written by writing to a socket. You'll need such a socket inside your jail. You'll have to read your documentation to figure out how to do that. The Metalog folks may be able to help you. If they can't, I'd switch back to syslog... -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ rssh-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rssh-discuss
