Commit Graph

56 Commits

Author SHA1 Message Date
glebius
7544a6bbea Rotate auth.log and messages at the beginning of a year. Otherwise,
daily security checks 800.loginfail and 900.tcpwrap may produce
false positive alerts.
2012-03-19 09:30:40 +00:00
ed
1204585265 Make init(8) slightly more robust when /dev/console is missing.
If the environment doesn't offer a working /dev/console, the existing
version of init(8) will simply refuse running rc(8) scripts. This means
you'll only have a system running init(8) and nothing else.

Change the code to do the following:

- Open /dev/console like we used to do, but make it more robust to use
  O_NONBLOCK to prevent blocking on a carrier.
- If this fails, use /dev/null as stdin and /var/log/init.log as stdout
  and stderr.
- If even this fails, use /dev/null as stdin, stdout and stderr.

So why us this useful? Well, if you remove the `getpid() == 1' check in
main(), you can now use init(8) inside jails to properly execute rc(8).
It still requires some polishing, as existing tools assume init(8) has
PID 1.

Also it is now possible to use use init(8) on `headless' devices that
don't even have a serial boot console.
2012-03-14 16:22:09 +00:00
ru
71b905ad58 Updated `flags' field description. 2011-05-03 12:22:46 +00:00
ed
4f31d2c5a6 Let rc and periodic infrastructure and newsyslog use the utmpx files. 2010-01-13 19:07:48 +00:00
kensmith
9dad07ee03 The slip.log file got removed along with the MPSAFE tty work. If slip
does ever come back it's probably best if its log file be something that
gets added if the user decided they want to run slip instead of having
it here unconditionally.
2008-12-02 16:46:01 +00:00
brooks
669aee5e44 Remove the C flag from slip.log. The current slip userbase does not
justify the presence of a (usually empty) /var/log/slip.log on every
FreeBSD box.
2008-03-27 03:30:14 +00:00
brooks
14774e80ee - Update etc/rc.d/newsyslog to FreeBSD standards and install it.
- Enable it by default, running newsyslog with -CN which creates files
   that have the C flag specified in /etc/newsyslog.conf.
 - Remove the "newsyslog -CC" call from etc/rc.d/var and the check for
   newsyslog.
 - Add the C flag to entries in /etc/newsyslog.conf that are currently
   installed as part of the base system.

There are two effects from this change:
 - Users who delete default syslog files to stop logging to them
   will need to set newsyslog_enable=NO in rc.conf or remove the C
   flag from those file in /etc/newsyslog.conf or they will come back
   on the next boot.
 - Diskless systems now create the same set of files that ordinary
   systems have by default instead of every file in newsyslog.conf.
2005-03-02 00:40:55 +00:00
mlaier
7f9c2ff639 Style:
- do not comment out entries in newsyslog.conf
 - use tabs to line up inetd.conf

Requested by:	bde
Approved by:	bms(mentor)
2004-04-03 17:52:29 +00:00
mlaier
a19995e562 Add rc.d script to start pflogd and add rcvars etc. Also document vars in
rc.conf(5) and put a sample entry to newsyslog.conf

Reviewed by:	-current
Approved by:	bms(mentor)
2004-04-02 19:25:27 +00:00
fjoe
37726bb4f9 Fix typo in comments:
/etc/syslogd.conf -> /etc/syslog.conf

MFC after:	3 days
2003-08-07 21:04:40 +00:00
gad
75ca6eac45 Add the 'N' flag to the entries for three log files which are *not*
written to by syslogd:  /var/log/{daily.log,weekly.log,monthly.log}

MFC after:	1 week
2003-05-05 19:08:33 +00:00
gad
34e76277d4 Update the comments in this file to reflect the recent changes to
newsyslog.

MFC after:	1 week
2003-05-05 19:05:43 +00:00
des
03a987e08d Introduce debug.log which gets debug.* (most of this would otherwise go
to the great bit-bucket in the sky)
2003-04-08 16:14:02 +00:00
des
2753d4cfa6 Alphabetize. 2003-02-16 13:07:20 +00:00
markm
c54d14202f Rename the ftp log filename for compatability with OpenBSD and NetBSD.
Requested by:	ru
2002-09-21 12:07:35 +00:00
markm
90f120329f Log ftpd stuff in the same way that we log lpd stuff. Too many ftpd's
are attacked for us to throw away this sort of evidence.
2002-09-20 22:10:01 +00:00
obrien
2a2bc463a7 Use bzip2 instead of gzip for those logs we compress.
Basic idea agreed to by:	rwatson
2002-09-12 17:28:07 +00:00
gshapiro
d71c35a87e Change the default permissions for the sendmail statistics file to 0640
instead of 0644 to help protect users against a file locking local
denial of service.

MFC after:	1 day
		pending RE approval
2002-05-24 01:44:53 +00:00
rwatson
2cd75cb889 Turns out everyone is a lot lazier than I thought. Spell
'authentication.log' as 'auth.log'.

This is also more consistent with syslog facility names.

Sigh. :-)

Submitted by:	asmodai, aeonflux, green, ....
2002-03-11 19:34:57 +00:00
rwatson
89e30355de Clean up logging of security information a bit:
o Introduce /var/log/authentication.log, which will be the target for
  auth.info and authpriv.info by default.  Rotate on the same schedule
  as most other logs.  Create at installation.

o Remove logging of auth.info from /var/log/security.log, which will
  return to being only for security feature subsystems (such as ipfw,
  and so on).

This creates a special authentication log, which can now be searched
by scripts for authentication events.
2002-03-11 19:26:29 +00:00
obrien
dd4a3faea4 Use tabs where possible. 2001-12-01 17:14:34 +00:00
jlemon
fd5034bfef Change maillog to have permissions of 640. Users shouldn't be able to
eavesdrop on other users' communications.
2001-09-17 01:33:15 +00:00
brian
a61345d8ba Allow group network to read ppp.log & slip.log.
Suggested by: Jesper Skriver <jesper@FreeBSD.org>
2001-09-03 11:35:17 +00:00
rwatson
ce9df2e905 o Note that some sites will want to select generally more conservative
permissions on some files, and give hints as to what those permissions
  might be.  Note also that the current more liberal permissions might
  get changed in future revisions.
2001-09-01 21:00:28 +00:00
rwatson
1d2c96389f o More conservative permissions for kerberos.log: 600 instead of 644.
Reviewed by:	peter
2001-08-31 23:44:51 +00:00
obrien
067463e262 Document Bzip2's flag.
PR:		27901
Submitted by:	Anders Nordby <anders@fix.no> (stylistic changes by me)
2001-07-30 15:18:15 +00:00
phk
ab5a977c79 /var/log/console.log should be mode 600.
PR:		25329
Submitted by:	Yoshihiro Koya Yoshihiro.Koya@math.yokohama-cu.ac.jp
MFC after:	1 week
2001-05-28 20:54:34 +00:00
phk
5136341131 Log the console output to "/var/log/console.log", not "/var/log/console"
(MFC candidate)
2001-02-17 20:27:58 +00:00
rwatson
b056d4c773 o Introduce automated log rotation for /var/log/console, the
default syslog target for console messages (when enabled in
  syslog.conf).  Use the same rotation defaults as with
  /var/log/messages -- every 100kb of log, compress back logs,
  and keep five rotated logs.
o Note: phk also thought it would be useful to force rotation
  each boot.  This commit does not introduce such a rotation.

Reviewed by:	phk
2001-02-06 06:07:00 +00:00
brian
4484d23ba7 Another overhaul of the periodic stuff.
All periodic sub-scripts <larf> now have their return codes interpreted
by periodic(8).  Output may be masked based on variable values in
periodic.conf.

It's also now possible to email periodic output to arbitrary addresses,
or to send it to a log file, examples of which can be found in
newsyslog.conf.

The upshot of it all should be no discernable changes to the default
behaviour of periodic(8).

PR:	21250
2000-09-14 17:19:15 +00:00
peter
d7ee90746c Change various log file modes from mode 664 to 644. Allowing group
wheel to trash logfiles is not exactly good security policy.  There have
been several gid wheel holes in ports.  Various other files were changed
as well (eg: the locate database were set to more restrictive modes (444)
by their generation scripts) so this should be safe for them.  utmp and
wtmp are mode 644 already on all the systems we checked.

Submitted by:  jkb
Reviewed by:   kris
2000-07-14 01:12:50 +00:00
rwatson
6b5dfacc05 Add two commented out syslog.conf entries, one to demonstrate the use of
an all.log for logging all messages, and one to demonstrate use of loghosts.
Also, a matching entry in newsyslog.conf for all.log.

Per request of Garrett Wollman, also modified the maillog entry to use the
@T newsyslog time specification mechanism.  Because newsyslog doesn't
support the mod date specification machanism, couldn't change other
entries that required more than one execution a month, but less than once
a day.

Approved by:	jkh
Reviewed by:	freebsd-security
2000-02-08 21:57:28 +00:00
n_hibma
6a423db166 Move /var/cron/log to /var/log/cron 1999-09-06 20:10:27 +00:00
peter
289c0d262f $Id$ -> $FreeBSD$ 1999-08-27 23:37:10 +00:00
green
1d06e20aed This is the addition of a syslog(3) security.* top-level category. This
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.

Reviewed by:	rgrimes, imp, chris
1999-08-21 18:24:29 +00:00
obrien
d3ca6b9c8b Syntax for user/group is changed from "user.group" to "user:group" to be
consistant with chown(8).
1999-06-28 03:15:02 +00:00
obrien
69070f26c3 Fix minor alignment problem. 1999-06-28 03:03:17 +00:00
ru
aea0b6af53 Damn, forgot this: time -> when. 1999-06-01 11:20:15 +00:00
ru
89933c21f9 Sync header line with newsyslog(8).
PR:		11511
Reviewed by:	des
1999-06-01 10:57:38 +00:00
wollman
86eed8a334 Now that newsyslog is capable of doing this at a specific time,
let it rotate /var/log/wtmp again, and update monthly/200.accounting to
take this into account.  (Some sites might want to change the parameters
of the rotation; it's easier to do this when it's all centralized in
newsyslog.conf.)
1999-01-28 20:03:31 +00:00
ache
9587eb787a Indicate optional signal number field 1998-06-09 18:26:16 +00:00
jmb
417ae6b3e6 rotate sendmail statistics file weekly.
keep the last ten weeks of data.
Submitted by:	jmb
1998-04-14 23:08:29 +00:00
danny
c36ff58ce4 PR: 1708, 5448
Remove wtmp
1998-02-09 11:47:51 +00:00
ache
00b6009b5c Fix ppp log name 1997-06-10 20:39:10 +00:00
ache
d4378fd165 Not kill ppp now, it uses syslog 1997-06-10 20:06:40 +00:00
brian
390899b408 Update ppp example pid_file name.
Suggested by:	ache
1997-05-10 05:46:52 +00:00
ache
c6b8eceac6 Use newly introduced pid file field now for ppp 1997-05-04 02:41:29 +00:00
peter
f173325ac8 Revert $FreeBSD$ to $Id$ 1997-02-23 09:21:14 +00:00
mpp
95348fe9d9 Change the header line to read "count" instead of "ngen" so
that it matched the terms used in the manual page.

Closes PR# 2663.
1997-02-05 14:17:11 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00