it does come back it would probably be better if users who were interested
in slip added appropriate lines instead of this being here unconditionally.
Reminded by: tut <at> nhamon <dot> com <dot> ua
this can cause a really heavy load on system. Several kernel debugging
messages can be triggered even remotely (e.g. bad ARP replies).
Use kern.warning instead, so that really significant messages still
will be printed on console.
Reviewed by: current@
MFC after: 1 week
Security: this change fixes a DoS condition, when default system
console is serial, and box is flooded with bogus ARP
packets
o Introduce /var/log/authentication.log, which will be the target for
auth.info and authpriv.info by default. Rotate on the same schedule
as most other logs. Create at installation.
o Remove logging of auth.info from /var/log/security.log, which will
return to being only for security feature subsystems (such as ipfw,
and so on).
This creates a special authentication log, which can now be searched
by scripts for authentication events.
systems due to sshd not using the security log class. Tweak syslog.conf
so that /var/log/security also gets a useful set of
authentication-related logging.
Submitted by: aeonflux@synapse.subneural.net
MFC after: 4 weeks
an all.log for logging all messages, and one to demonstrate use of loghosts.
Also, a matching entry in newsyslog.conf for all.log.
Per request of Garrett Wollman, also modified the maillog entry to use the
@T newsyslog time specification mechanism. Because newsyslog doesn't
support the mod date specification machanism, couldn't change other
entries that required more than one execution a month, but less than once
a day.
Approved by: jkh
Reviewed by: freebsd-security
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.
Reviewed by: rgrimes, imp, chris
news.notice info should not be sent to /var/log/messages, as news has
its own set of logs and notice is overused by inn
added entries for newsservers (but they're commented out)
Further it implements crontab -e.
I moved cron from /usr/libexec to /usr/sbin where most daemons are
that are run from rc. That also gets rid of the ugly path crond
used to have in ps(1) outputs. Further I renamed it to cron, as
Paul Vixie likes it and is done by NetBSD.
NOTE VERY WELL THE FOLLOWING:
1) Systems crontab changed. Every users crontab resides in /var/cron
*EXCEPT* root's. This is a special crontab as it resides in
/etc. Further it is the *ONLY* crontab file in which you specify
usernames. See /usr/src/etc/crontab. This is also done by BSDI's
BSD/386 as far as I know (they provided the patches for it anyway)
2) So you *must* delete root's crontab and reinstall the copy
in /etc from /usr/src/etc.
'Must' is to much: the old installed crontab will work but cron
will also try to 'run' /etc/crontab.
3) Last but not least: cron's logging is now done via syslog. Note
that logging by cron is done lowercase when it logs about itsself
and uppercase when it logs user events, like installing a new crontab.
The default logfile file is the same as before:
syslog.conf:cron.* /var/cron/log
-Guido