Re: auditd as logrotate replacement?

2001-04-27 Thread T.Pospisek's MailLists
Hi Arthur and discussion round,

On Wed, 25 Apr 2001, Arthur Korn wrote:

 So, basically, since auditd does feature encryption, it does not
 have any chance to be the default for log rotation, even if it
 was a lot better than logrotate? What giant pile of crap.

But what you could do is a virtual package that depends either on
logrotate or auditd.

That way the user *has* to install a logrotater but can choose between the
two options.

Or am I missing sth?
*t


 Tomas Pospisek
 SourcePole   -  Linux  Open Source Solutions
 http://sourcepole.ch
 Elestastrasse 18, 7310 Bad Ragaz, Switzerland
 Tel: +41 (81) 330 77 11





Re: auditd as logrotate replacement?

2001-04-27 Thread Julian Gilbey
On Thu, Apr 26, 2001 at 01:48:29PM -0300, Alejo Sanchez wrote:
  On Wed, Apr 25, 2001 at 08:35:51PM -0300, Alejo Sanchez wrote:
   well, your version would do it the dlopen() way.
   actually we were going to ask if there was a
   restriction on depending on dlopen(), as it could
   be possible on some non-dynamic platforms.
   (no shared libraries, no dl library)
 [...]
 
 I was only asking if release applications from Debian
 are allowed to have dlopen() (even if it isn't used
 in most situations)
 
 AFAIK some OS don't, i.e. OpenBSD.

I am not aware of any issues in using dlopen() within Debian except
requiring some care over dependencies: if you require the library, you
must make sure that the dependencies in your package ensure that the
library is installed (ldd/objdump won't see it), and if you don't
absolutely need it, you must ensure that the code doesn't fail if the
library is not present.

   Julian

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Julian Gilbey, Dept of Maths, Queen Mary, Univ. of London
   Debian GNU/Linux Developer,  see http://people.debian.org/~jdg
  Donate free food to the world's hungry: see http://www.thehungersite.com/
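
Added example (not part of the original thread and not auditd's code): one way to meet the second condition above, treating the crypto library as optional and falling back to plain rotation when dlopen() cannot find it. The SONAMEs tried, the struct and the mode strings are assumptions made for this sketch.

```c
/* Added example: optional crypto via dlopen(); names here are assumptions. */
#include <dlfcn.h>
#include <stdio.h>

/* Signature of libcrypto's SHA1(): digest of n bytes at d written to md. */
typedef unsigned char *(*sha1_fn)(const unsigned char *d, size_t n,
                                  unsigned char *md);

struct crypto_backend {
    void   *handle;   /* dlopen() handle, NULL when not loaded */
    sha1_fn sha1;     /* NULL when crypto support is unavailable */
};

/* Try each SONAME in turn; leave the backend empty if none resolves.
 * Names without a slash go through the normal library search path. */
static int crypto_backend_load(struct crypto_backend *b,
                               const char *const *sonames)
{
    b->handle = NULL;
    b->sha1 = NULL;
    for (size_t i = 0; sonames[i] != NULL; i++) {
        void *h = dlopen(sonames[i], RTLD_NOW | RTLD_LOCAL);
        if (h == NULL)
            continue;                 /* not installed: try the next name */
        void *sym = dlsym(h, "SHA1");
        if (sym != NULL) {
            b->handle = h;
            b->sha1 = (sha1_fn)sym;
            return 1;
        }
        dlclose(h);                   /* library present but unusable */
    }
    return 0;
}

/* The feature set follows from the load result; a miss is not an error. */
static const char *rotation_mode(const struct crypto_backend *b)
{
    return b->sha1 != NULL ? "rotate+hash" : "rotate-only";
}

int main(void)
{
    const char *const names[] = { "libcrypto.so.3", "libcrypto.so.1.1", NULL };
    struct crypto_backend b;
    crypto_backend_load(&b, names);
    printf("mode: %s\n", rotation_mode(&b));
    return 0;
}
```

Because the library is resolved only at run time, ldd and objdump show no link to it, so the package metadata has to name it by hand.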




Re: auditd as logrotate replacement?

2001-04-26 Thread Julian Gilbey
On Wed, Apr 25, 2001 at 08:35:51PM -0300, Alejo Sanchez wrote:
 well, your version would do it the dlopen() way.
 actually we were going to ask if there was a
 restriction on depending on dlopen(), as it could
 be possible on some non-dynamic platforms.
 (no shared libraries, no dl library)

You could look at libltdl from the libtool suite.  I guess you could
always use configure tests to figure this sort of stuff out.

   Julian

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 Julian Gilbey, Dept of Maths, Queen Mary, Univ. of London
   Debian GNU/Linux Developer,  see http://people.debian.org/~jdg
  Donate free food to the world's hungry: see http://www.thehungersite.com/




Re: auditd as logrotate replacement?

2001-04-26 Thread Alejo Sanchez
Julian Gilbey wrote:
 
 On Wed, Apr 25, 2001 at 08:35:51PM -0300, Alejo Sanchez wrote:
  well, your version would do it the dlopen() way.
  actually we were going to ask if there was a
  restriction on depending on dlopen(), as it could
  be possible on some non-dynamic platforms.
  (no shared libraries, no dl library)
 
 You could look at libltdl from the libtool suite.  I guess you could
 always use configure tests to figure this sort of stuff out.
 
 Julian

I was only asking if release applications from Debian
are allowed to have dlopen() (even if it isn't used
in most situations)

AFAIK some OS don't, i.e. OpenBSD.

Alejo




Re: auditd as logrotate replacement?

2001-04-26 Thread Marco d'Itri
On Apr 26, Alejo Sanchez wrote:

 I was only asking if release applications from Debian
 are allowed to have dlopen() (even if it isn't used
 in most situations)

The patched mutt 1.2.x I maintain for debian does exactly this to
support SSL and kerberos.

-- 
ciao,
Marco




RE: auditd as logrotate replacement?

2001-04-25 Thread Sean 'Shaleh' Perry

On 25-Apr-2001 Arthur Korn wrote:
 Hi
 
 I got an offer from the friendly people at Core-SDI to make
 auditd (server part of their BSD licensed, in development, log
 management software) a full (read: better) replacement for
 logrotate.
 
 Will a package in non-US/main have any chance to be accepted as
 full replacement for logrotate? As I understand being in non-US
 does not mean that anybody can't use it, just that it can't be
 distributed from mirrors in certain (braindead) countries.
 

as long as logrotate can be installed first, then I can later install auditd and
everything will just work, sure.

Since it is in non-us, at least for now that means it will not appear on an
official debian cd.




Re: auditd as logrotate replacement?

2001-04-25 Thread Arthur Korn
Sean 'Shaleh' Perry schrieb:
 as long as logrotate can be installed first, then I can later
 install auditd and everything will just work, sure.

I can't use logrotate with msyslog, it won't work, logrotate is
just too limited. This would mean I have to move msyslog to
non-US, since I will make it depend on auditd.

So, basically, since auditd does feature encryption, it does not
have any chance to be the default for log rotation, even if it
was a lot better than logrotate? What giant pile of crap.

 Since it is in non-us, at least for now that means it will not
 appear on an official debian cd.

Did I say I hate it?

Shaleh, don't take it personally ...

ciao, 2ri
-- 
locate sunny|grep place|xargs cat|paste ~/me
sleep 4h




Re: auditd as logrotate replacement?

2001-04-25 Thread Sean 'Shaleh' Perry

On 25-Apr-2001 Arthur Korn wrote:
 Sean 'Shaleh' Perry schrieb:
  as long as logrotate can be installed first, then I can later
  install auditd and everything will just work, sure.
 
 I can't use logrotate with msyslog, it won't work, logrotate is
 just too limited. This would mean I have to move msyslog to
 non-US, since I will make it depend on auditd.
 

100% correct.

 So, basically, since auditd does feature encryption, it does not
 have any chance to be the default for log rotation, even if it
 was a lot better than logrotate? What giant pile of crap.
 

unfortunately, yes.  Maybe in a year.  Or maybe 6 months.  But not today.




Re: auditd as logrotate replacement?

2001-04-25 Thread Steve M. Robbins
On Wed, Apr 25, 2001 at 01:03:03PM -0700, Sean 'Shaleh' Perry wrote:
 
 Since it is in non-us, at least for now that means it will not appear on an
 official debian cd.

When I burned the 2.2r2 iso's last December, there was both a
crippled and a non-us ISO for the first CD (binary-i386-1).

Both were official debian CDs, as I recall.  Has this changed?

-S




Re: auditd as logrotate replacement?

2001-04-25 Thread Alejo Sanchez
Steve M. Robbins wrote:
 
 On Wed, Apr 25, 2001 at 01:03:03PM -0700, Sean 'Shaleh' Perry wrote:
 
  Since it is in non-us, at least for now that means it will not appear on an
  official debian cd.
 
 When I burned the 2.2r2 iso's last December, there was both a
 crippled and a non-us ISO for the first CD (binary-i386-1).
 
 Both were official debian CDs, as I recall.  Has this changed?
 
 -S

Hi,

Audit[d] has no crypto code itself. The only thing
are hash functions (md5, sha1, rmd160) which are
not restricted for any export anywhere (and AFAIK
Debian has them already).

What it does use for crypto is openssl's libcrypt,
which is NOT needed when used as a simple (traditional)
rotate system. So Debian can ship audit[d], and if
a user wants its advanced crypto support, she/he should
install openssl package.

Also, by using auditd you get support for log protection
through hashing, and many other things.

Feel free to ask me anything you please about audit[d]


Alejo




Re: auditd as logrotate replacement?

2001-04-25 Thread Sean 'Shaleh' Perry
 
 What it does use for crypto is openssl's libcrypt,
 which is NOT needed when used as a simple (traditional)
 rotate system. So Debian can ship audit[d], and if
 a user wants its advanced crypto support, she/he should
 install openssl package.
 

does it dlopen this? in other words, if I have a system without openssl
installed will auditd still work?  If so, sounds like it can indeed live in
main.




Re: auditd as logrotate replacement?

2001-04-25 Thread Alejo Sanchez
Sean 'Shaleh' Perry wrote:
 
 
  What it does use for crypto is openssl's libcrypt,
  which is NOT needed when used as a simple (traditional)
  rotate system. So Debian can ship audit[d], and if
  a user wants its advanced crypto support, she/he should
  install openssl package.
 
 
 does it dlopen this? in other words, if I have a system without openssl
 installed will auditd still work?  If so, sounds like it can indeed live in
 main.

well, your version would do it the dlopen() way.
actually we were going to ask if there was a
restriction on depending on dlopen(), as it could
be possible on some non-dynamic platforms.
(no shared libraries, no dl library)

Alejo