syslog all commands
Im looking for a way to syslog all commands run my a group of users, i was looking at the authpriv.debug but it doesn't log _every_ command, is there anyother way to syslog all the commands run by a user? thanks -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: syslog all commands
I was kinda hoping for arguments as well, and possibly the time and date of when it was run. On 6/18/06, David Scheidt [EMAIL PROTECTED] wrote: On Sun, Jun 18, 2006 at 06:06:45PM -0700, Lawrence Horvath wrote: Date: Sun, 18 Jun 2006 18:06:45 -0700 From: Lawrence Horvath [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Subject: syslog all commands Im looking for a way to syslog all commands run my a group of users, i was looking at the authpriv.debug but it doesn't log _every_ command, is there anyother way to syslog all the commands run by a user? Is process accounting good enough? It'll record the name of the commands run by all users, what terminal they were run from, how much cpu time they used, and start and stop times. See the man pages for acct(5) and lastcomm(1). It's turned on by setting accounting_enable=YES in /etc/rc.conf, and running /etc/rc.d/accounting start David I was kinda hoping for arguments as well, and possibly the time and date of when it was run. -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hiding dot files with ftpd
On 6/3/06, Daniel A. Akulenok [EMAIL PROTECTED] wrote: On Sat, June 3, 2006 22:57, Kyrre Nygard wrote: What's up all? Just wondering if it's possible to hide dot files somehow with FreeBSD's default ftpd when I invoke it from inetd? ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -l Thanks, Kyrre ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Hi Kyrre, Files prepended with dots in UNIX operating systems usually symoblize a file which is not shown to the user on a regular basis because the user will actually not _need_ to know of it's prescense in daily use. Therefore, it is entirely up to the FTP client of the user if files prepended with dots are shown or not. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Is there a way to get the ftp server to not list the dot prepended files? if say you REALLY don't want the client to see the files, can you get the server to not send it in a list reply? and by the same means could you get the server to not list dirs as well?(that was just being my curiosity) -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
forcing boot
How can i force normal boot up even if the filesystem was uncleanly dismounted, i have a box that it looks like the HD is failing, but i still need some of the info off it, so i would like to get it to boot normally anyway so i can sftp/scp the files off it then i can replace the HD, but it refuses boot anything but single user mode. Thanks -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: forcing boot
On 6/4/06, Mikko Työläjärvi [EMAIL PROTECTED] wrote: On Jun 4, 2006, at 2:40 PM, Lawrence Horvath wrote: How can i force normal boot up even if the filesystem was uncleanly dismounted, i have a box that it looks like the HD is failing, but i still need some of the info off it, so i would like to get it to boot normally anyway so i can sftp/scp the files off it then i can replace the HD, but it refuses boot anything but single user mode. In single user mode /etc/netstart should bring up the network. If you have data on partitions other than the root, you can manually mount them read-only. $.02, /Mikko ahh netstart shoulde work great, gonna try that soon as i get home, thank you, i think thats just what i needed -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sudoedit, restricting to particular folder
Well, the problem with that would be that we are editing about 4000 zone files(that includes forwards and reverses) so an entry for each zone wouldnt do, that it why i was hoping to make it effective on a whole folder, not just one file or two. I was considering a folder permissions solution, that seems like it would work well i think, then i could use sudo to resrict to only rndc and let them have group write access on the zones folder, i think that would be better then sudoedit. On 6/2/06, N.J. Thomas [EMAIL PROTECTED] wrote: * Lawrence Horvath [EMAIL PROTECTED] [2006-06-01 22:13:39 -0700]: well in that case what can uyou recommend for editing only zone files and being able to run rndc, that is my main goal, i need to lock a system so that only rndc reload, rndc reconfig and editing zone files is possible by a group of users, any suggestins? and/or how do you do this? Restricting a group of users to run only rndc reload and rndc reconfig via sudo is trivial. sudoers(1) will explain how, and the sudoers file that comes with sudo is chock full of examples. Off the top of my head, you would do something like this: User_Alias DNSOPS= user1, user2, user3 Cmnd_Alias DNSRELOAD = /usr/sbin/rndc reload Cmnd_Alias DNSRECONF = /usr/sbin/rndc reconfig DNSOPS ALL = DNSRELOAD, DNSRECONF Don't know if that parses properly, but you get the idea. As far as editing only zone files, if you know the names of the files that they need to edit, something like this is sufficient: DNSOPS ALL = sudoedit /etc/named.conf DNSOPS ALL = sudoedit /etc/rndc.conf DNSOPS ALL = sudoedit /var/named/zone1 DNSOPS ALL = sudoedit /var/named/zone2 However, if your users need to be able to create/modify/rename files under /var/named (as you mentioned in your OP), then you will need a properly written wrapper script. Thomas -- N.J. Thomas [EMAIL PROTECTED] Etiamsi occiderit me, in ipso sperabo -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sudoedit, restricting to particular folder
well in that case what can uyou recommend for editing only zone files and being able to run rndc, that is my main goal, i need to lock a system so that only rndc reload, rndc reconfig and editing zone files is possible by a group of users, any suggestins? and/or how do you do this? On 5/31/06, N.J. Thomas [EMAIL PROTECTED] wrote: * Kirk Strauser [EMAIL PROTECTED] [2006-05-30 16:30:45 -0500]: luser ALL = (root) sudoedit /home/luser/foo/* Why not give them root while you're at it: luser$ cd ~/foo; ln -s /etc/master.passwd; sudoedit ~/foo/master.passwd Yikes, he's right. Don't put that in your sudoers file. I found some notes on the sudo mailing lists while Googling, that luser ALL = (root) sudoedit /home/luser/foo/ would work one day for all files in /home/luser/foo/, IIRC Todd Miller said this would come out in version 1.7, but it looks like development of sudo has stalled, so short of writing your own wrapper script (which shouldn't be terribly hard) I don't know how to solve the original problem of restricting sudoedit to a particular directly using sudo alone. Thomas -- N.J. Thomas [EMAIL PROTECTED] Etiamsi occiderit me, in ipso sperabo -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
sudoedit
I am trying to get sudoedit to only work on a certain folder. So that you can only sudoedit files with in the /home/named folder. Cmnd_Alias COPY = /usr/local/bin/sudoedit /home/named/, /bin/cp, /bin/mv it would be something like that only that's not working. $ uname -a FreeBSD ns1.sporkton.com 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Nov 3 09:36:13 UTC 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 $ sudo -V Sudo version 1.6.8p9 Thanks -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Setting up NIS questions?
There isnt a way to specify which ip or interface NIS will bind to? On 5/19/06, Derek Ragona [EMAIL PROTECTED] wrote: If memory serves YP will grab the first interface. If you switch the stacks/IPs on the interfaces I think you will get what you want. -Derek At 05:48 PM 5/19/2006, Steve Kargl wrote: I have 2 NICS in the master node of a small cluster. bge0 is connected to the outside world with a FQDN and registered DNS IP address. bge1 is connected to a 192.168.0.x internal network. I'm trying to configure NIS for the internal network, but ypinit is grabbing the FQDN. I've read the Handbook and ypinit manual page without too much enlightment. :( What I'm after is 192.168.0.10 NIS master server 192.168.0.11 NIS slave server 192.168.0.[12-15] NIS clients Anyone have a pointer to a method to achieve my goals. -- Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New FreeBSD Logo
On 5/9/06, Jonathan Horne [EMAIL PROTECTED] wrote: Greetings: I just looked at the new FreeBSD logo and it's an interesting abstraction of the daemon motif of the old logo. Among other things, like running two installations of FreeBSD v6, one as a production server to host my web site and the other as a desktop and development server, I do fine art and graphics. The logo has an etherial feel to it (forgive the pun). But if someone new to FreeBSD sees the logo and hasn't seen the old logo, he or she might wonder what the cone shaped designs are sticking out of the glass like ball and what they are supposed to represent. So aesthetically it's engaging but too much of an abstraction of the theme. As far as psychology goes, Apple uses the apple with a bite out of it which has a dual significance. One that invokes the idea of giving an apple to the teacher and the other is the Biblical symbol of temptation and transgression. I think that that is why Apple doesn't have a bigger market share. The FreeBSD logo pushes a similar button. The icon of the adversary. I am not offended by the new or the old logo, accept that there seems to be too much of a trend toward cartoon character art. This, I presume is to appeal to the child in us all. But seriously when do we actually get to be grownups. I like FreeBSD. But I wouldn't but a logo sticker on my windshield. I have used Macs from the beginning and don't have a Mac logo sticker on anything, either. I have and use Linux systems and don't particularly care for the cute little penguin either. I have seen a more mature take on the penguin emblem that I was impressed with. It was used by a L.U.G. based in Maryland or thereabouts. I would like to see a mature logo for FreeBSD. Thanks all for being here; Jk i dont mind saying that i think i must be about the only one who likes the new art. i think its very modern looking, crisp and abreviated, un-childish, but at the same time not too serious or ominous. ive actually thought about printing out some examples of both versions, carrying it down to our artists in our print studio, and taste testing them with professional artists who couldnt give one care about anything technical. *shrug* would be an interesting experiment, to say the least. jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I quite like the new logo, i think the new one is far more professional then the old one, though i liked them both. -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ftp server
I cant even get to ftp://ftp.csua.berleley.edu/pub digging ftp.csua.berleley.edu results in null, so does digging csua.berleley.edu you may want to try a different mirror On 4/23/06, Bret Esquivel [EMAIL PROTECTED] wrote: Try ftp://ftp.csua.berleley.edu/pub/.1/ports/distfiles/staroffice52/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Sunday, April 23, 2006 9:55 PM To: freebsd-questions@FreeBSD.org Subject: ftp server Dear FreeBSD: I can get to your web page www.freebsd.org/cgi//pds.cgi?ports/editors/staroffice52. I can find the staroffice52 info, one of which is sources. when I click on sources I arrive at a page which gives me a lot of ftp sites for downloading so-5 2-ga-bin-linux-en.bin, or 109939-03.tar.Z. However, when I enter ftp.csua.berleley.edu/pub/.1/ports/distfiles/staroffice52/ (no quotes) into my trustry little ftp software package, I cannot connect. I have been able to download openoffice from ftp.freebsd.org, but I don't want openoffice. Is there something wrong with ftp.csua, or is there something with newbe me? Hope you can help, thanks. ___ Try the New Netscape Mail Today! Virtually Spam-Free | More Storage | Import Your Contact List http://mail.netscape.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Lawrence ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]