Commit Graph

40 Commits

Author SHA1 Message Date
David E. O'Brien
8e00cef74d Use bzip2 instead of gzip for those logs we compress.
Basic idea agreed to by:	rwatson
2002-09-12 17:28:07 +00:00
Gregory Neil Shapiro
519c4f1816 Change the default permissions for the sendmail statistics file to 0640
instead of 0644 to help protect users against a file locking local
denial of service.

MFC after:	1 day
		pending RE approval
2002-05-24 01:44:53 +00:00
Robert Watson
30d6457c9e Turns out everyone is a lot lazier than I thought. Spell
'authentication.log' as 'auth.log'.

This is also more consistent with syslog facility names.

Sigh. :-)

Submitted by:	asmodai, aeonflux, green, ....
2002-03-11 19:34:57 +00:00
Robert Watson
0ec9497e58 Clean up logging of security information a bit:
o Introduce /var/log/authentication.log, which will be the target for
  auth.info and authpriv.info by default.  Rotate on the same schedule
  as most other logs.  Create at installation.

o Remove logging of auth.info from /var/log/security.log, which will
  return to being only for security feature subsystems (such as ipfw,
  and so on).

This creates a special authentication log, which can now be searched
by scripts for authentication events.
2002-03-11 19:26:29 +00:00
David E. O'Brien
ec0f8380d3 Use tabs where possible. 2001-12-01 17:14:34 +00:00
Jonathan Lemon
dbae8e5b46 Change maillog to have permissions of 640. Users shouldn't be able to
eavesdrop on other users' communications.
2001-09-17 01:33:15 +00:00
Brian Somers
32706fb26f Allow group network to read ppp.log & slip.log.
Suggested by: Jesper Skriver <jesper@FreeBSD.org>
2001-09-03 11:35:17 +00:00
Robert Watson
78eb04b942 o Note that some sites will want to select generally more conservative
permissions on some files, and give hints as to what those permissions
  might be.  Note also that the current more liberal permissions might
  get changed in future revisions.
2001-09-01 21:00:28 +00:00
Robert Watson
585514eb2d o More conservative permissions for kerberos.log: 600 instead of 644.
Reviewed by:	peter
2001-08-31 23:44:51 +00:00
David E. O'Brien
8e4e3be259 Document Bzip2's flag.
PR:		27901
Submitted by:	Anders Nordby <anders@fix.no> (stylistic changes by me)
2001-07-30 15:18:15 +00:00
Poul-Henning Kamp
142ef1abd5 /var/log/console.log should be mode 600.
PR:		25329
Submitted by:	Yoshihiro Koya Yoshihiro.Koya@math.yokohama-cu.ac.jp
MFC after:	1 week
2001-05-28 20:54:34 +00:00
Poul-Henning Kamp
960cada9b8 Log the console output to "/var/log/console.log", not "/var/log/console"
(MFC candidate)
2001-02-17 20:27:58 +00:00
Robert Watson
d6828be55f o Introduce automated log rotation for /var/log/console, the
default syslog target for console messages (when enabled in
  syslog.conf).  Use the same rotation defaults as with
  /var/log/messages -- every 100kb of log, compress back logs,
  and keep five rotated logs.
o Note: phk also thought it would be useful to force rotation
  each boot.  This commit does not introduce such a rotation.

Reviewed by:	phk
2001-02-06 06:07:00 +00:00
Brian Somers
9ed55d1192 Another overhaul of the periodic stuff.
All periodic sub-scripts <larf> now have their return codes interpreted
by periodic(8).  Output may be masked based on variable values in
periodic.conf.

It's also now possible to email periodic output to arbitrary addresses,
or to send it to a log file, examples of which can be found in
newsyslog.conf.

The upshot of it all should be no discernable changes to the default
behaviour of periodic(8).

PR:	21250
2000-09-14 17:19:15 +00:00
Peter Wemm
4944b91311 Change various log file modes from mode 664 to 644. Allowing group
wheel to trash logfiles is not exactly good security policy.  There have
been several gid wheel holes in ports.  Various other files were changed
as well (eg: the locate database were set to more restrictive modes (444)
by their generation scripts) so this should be safe for them.  utmp and
wtmp are mode 644 already on all the systems we checked.

Submitted by:  jkb
Reviewed by:   kris
2000-07-14 01:12:50 +00:00
Robert Watson
13c032fd0e Add two commented out syslog.conf entries, one to demonstrate the use of
an all.log for logging all messages, and one to demonstrate use of loghosts.
Also, a matching entry in newsyslog.conf for all.log.

Per request of Garrett Wollman, also modified the maillog entry to use the
@T newsyslog time specification mechanism.  Because newsyslog doesn't
support the mod date specification machanism, couldn't change other
entries that required more than one execution a month, but less than once
a day.

Approved by:	jkh
Reviewed by:	freebsd-security
2000-02-08 21:57:28 +00:00
Nick Hibma
d98069654d Move /var/cron/log to /var/log/cron 1999-09-06 20:10:27 +00:00
Peter Wemm
9b7a44a60e $Id$ -> $FreeBSD$ 1999-08-27 23:37:10 +00:00
Brian Feldman
fa62586ae7 This is the addition of a syslog(3) security.* top-level category. This
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.

Reviewed by:	rgrimes, imp, chris
1999-08-21 18:24:29 +00:00
David E. O'Brien
63b5983b9e Syntax for user/group is changed from "user.group" to "user:group" to be
consistant with chown(8).
1999-06-28 03:15:02 +00:00
David E. O'Brien
eadcd25f72 Fix minor alignment problem. 1999-06-28 03:03:17 +00:00
Ruslan Ermilov
3390b499a2 Damn, forgot this: time -> when. 1999-06-01 11:20:15 +00:00
Ruslan Ermilov
d65a665e4d Sync header line with newsyslog(8).
PR:		11511
Reviewed by:	des
1999-06-01 10:57:38 +00:00
Garrett Wollman
19f1101052 Now that newsyslog is capable of doing this at a specific time,
let it rotate /var/log/wtmp again, and update monthly/200.accounting to
take this into account.  (Some sites might want to change the parameters
of the rotation; it's easier to do this when it's all centralized in
newsyslog.conf.)
1999-01-28 20:03:31 +00:00
Andrey A. Chernov
81fa3bb440 Indicate optional signal number field 1998-06-09 18:26:16 +00:00
Jonathan M. Bresler
f647ad5d86 rotate sendmail statistics file weekly.
keep the last ten weeks of data.
Submitted by:	jmb
1998-04-14 23:08:29 +00:00
Daniel O'Callaghan
8e035c500f PR: 1708, 5448
Remove wtmp
1998-02-09 11:47:51 +00:00
Andrey A. Chernov
2dfeae46e9 Fix ppp log name 1997-06-10 20:39:10 +00:00
Andrey A. Chernov
f61b62f2b6 Not kill ppp now, it uses syslog 1997-06-10 20:06:40 +00:00
Brian Somers
58dc23b716 Update ppp example pid_file name.
Suggested by:	ache
1997-05-10 05:46:52 +00:00
Andrey A. Chernov
fb1c0a8be1 Use newly introduced pid file field now for ppp 1997-05-04 02:41:29 +00:00
Peter Wemm
79403fe300 Revert $FreeBSD$ to $Id$ 1997-02-23 09:21:14 +00:00
Mike Pritchard
3bd176a7c4 Change the header line to read "count" instead of "ngen" so
that it matched the terms used in the manual page.

Closes PR# 2663.
1997-02-05 14:17:11 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Paul Traina
9852e6a655 Add /var/log/ppp.log from iij ppp 1996-06-22 21:34:03 +00:00
Thomas Graichen
dba0a4da88 added the "-p" option to amd so that it writes it's pid to
/var/run/amd.pid and added the "-l /var/log/amd.log" option there too

added an entry for the "rotation" of /var/log/amd.log to newsyslog.conf
1996-01-16 08:04:06 +00:00
Andrey A. Chernov
a4f267bdf0 Put startslip syslog messages into separate file
Increase rotating log sizes in newsyslog.conf to reflect
more common case
1996-01-07 00:52:50 +00:00
Andrey A. Chernov
615773cb2b Restore broken accounting statistics:
1) It have nothing common to (new)syslog messages
2) acct.* rotating allowed only after "sa -s" run!
1996-01-06 22:19:37 +00:00
Andrey A. Chernov
b48c870e33 /var/account/acct is binary file, mark this fact as 'B' flag 1996-01-06 21:47:07 +00:00
Thomas Graichen
28ae0646aa added the file /etc/newsyslog.conf (config file for
/usr/sbin/newsyslog - see the man-page for it for details) - i put all
the "rotations" which were in /etc/[daily,weekly,monthly] in here
1996-01-05 10:24:03 +00:00