Aw: Re: Howto log multiple sftpd instances with their chroot shared via NFS

Hildegard Meier daku8938 at gmx.de
Sat Sep 25 01:03:19 AEST 2021


Thanks, this sounds interesting and maybe in this direction could be the solution? But I do not understand you precisely.

> source s_chroot_<username> { unix-stream("/var/data/chroot/<username>/dev/hostname1/log" optional(yes) ); };
You mean there should be
/var/data/chroot/<username>/dev/hostname1/log
/var/data/chroot/<username>/dev/hostname2/log

?

> (May need to add a symlink on each host /dev/log->/dev/<hostname1>/log)
You mean there should be the Symlink
/var/data/chroot/<username>/dev/log -> /var/data/chroot/<username>/dev/hostname1/log

?

> Do the above for second server, hostname2, use /dev/<hostname2>/log

It would not be possible to have a Symlink
/var/data/chroot/<username>/dev/log -> /var/data/chroot/<username>/dev/hostname2/log

since /var/data/chroot/<username>/dev/log is already a Symlink to /var/data/chroot/<username>/dev/hostname1/log
(see first step), and it is the same NFS filesystem.



> Gesendet: Freitag, 24. September 2021 um 16:08 Uhr
> Von: "Douglas E Engert" <deengert at gmail.com>
> An: openssh-unix-dev at mindrot.org
> Betreff: Re: Howto log multiple sftpd instances with their chroot shared via NFS
>
> On 9/21/2021 4:49 AM, Hildegard Meier wrote:
>
> >
> > How can I get the sftp user's activity be logged on each sftp server, when a user logs in to that server, while the user's home is shared on both servers via NFS?
>
> based on:
> https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.18/administration-guide/88
>
> This might work for a few sftp servers.
> On first server, hostname1, use /dev/<hostname1>/log for all its default logging and its normal syslog-ng.conf and for the special
> syslog-ng.conf:
> source s_chroot_<username> { unix-stream("/var/data/chroot/<username>/dev/hostname1/log" optional(yes) ); };
> (May need to add a symlink on each host /dev/log->/dev/<hostname1>/log)
>
> Do the above for second server, hostname2, use /dev/<hostname2>/log
>
> Then add these to the chroot directories in NFS:
> /var/data/chroot/<username>/dev/<hostname1>/log
> /var/data/chroot/<username>/dev/<hostname2>/log
>
> This should cause hostname1 to lock on  /var/data/chroot/<username>/dev/<hostname1>/log
> and hostname 2 to lock on /var/data/chroot/<username>/dev/<hostname2>/log
> because the syslog-ng does not really look at the syslog-ng.conf in the chroot.
>



More information about the openssh-unix-dev mailing list