[Bug 906] syslog messages from sshd [net] lost

Fri Jul 23 09:38:48 EST 2004

http://bugzilla.mindrot.org/show_bug.cgi?id=906

           Summary: syslog messages from sshd [net] lost
           Product: Portable OpenSSH
           Version: 3.8.1p1
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: minor
          Priority: P2
         Component: sshd
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: peak at argo.troja.mff.cuni.cz

sshd [net] is chrooted and cannot access /dev/log. This means syslog() cannot
talk to syslogd and all messages logged by this process are rerouted to the
nearest blackhole. The problem is not apparent at the default LogLevel (in fact
things look better this way at the first glance because superfluous invocations
of auth_log() in the child are suppresed).

Some implementations of syslogd are able to listen on additional sockets but 1.
other implementations lack this feature, 2. one has to mess with syslogd
configuration when sshd is installed.

An alternative approach would be to send log messages to the monitor and let the
monitor forward them to syslogd. I've got a PoC implementation and it appears to
work.

What do you think?

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.