From owner-freebsd-security Sun May 24 23:34:58 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA02738 for freebsd-security-outgoing; Sun, 24 May 1998 23:34:58 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from antipodes.cdrom.com (castles213.castles.com [208.214.165.213]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA02492 for ; Sun, 24 May 1998 23:33:52 -0700 (PDT) (envelope-from mike@antipodes.cdrom.com) Received: from antipodes.cdrom.com (localhost [127.0.0.1]) by antipodes.cdrom.com (8.8.8/8.8.5) with ESMTP id WAA10561; Sun, 24 May 1998 22:28:50 -0700 (PDT) Message-Id: <199805250528.WAA10561@antipodes.cdrom.com> X-Mailer: exmh version 2.0zeta 7/24/97 To: Wes Peters cc: Philippe Regnauld , Mike Smith , freebsd-security@FreeBSD.ORG Subject: Re: SKey and locked account In-reply-to: Your message of "Fri, 22 May 1998 07:24:54 MDT." <35657CA6.D93AC10D@softweyr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 24 May 1998 22:28:50 -0700 From: Mike Smith Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk > Yeah, this little bit of UNIX arcana has been batted back and forth > for years. At least FreeBSD *has* a nologin program, see nologin(8). > I don't like it, because it doesn't log the failed access. Here's my > replacement, which does: > syslog(LOG_CRIT, "%s on %s", user, device); Why LOG_CRIT? I would have expected something a little lower perhaps? (Especially if you're using it in an ISP context...) At any rate, how do people feel about this? How about a shellscript version using logger(8)? -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message