From owner-freebsd-security  Thu Oct 15 06:57:57 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id GAA24397
          for freebsd-security-outgoing; Thu, 15 Oct 1998 06:57:57 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from passer.osg.gov.bc.ca (passer.osg.gov.bc.ca [142.32.110.29])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA24385
          for <freebsd-security@FreeBSD.ORG>; Thu, 15 Oct 1998 06:57:55 -0700 (PDT)
          (envelope-from cy@cschuber.net.gov.bc.ca)
Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.8.8/8.6.10) id GAA21275; Thu, 15 Oct 1998 06:57:35 -0700 (PDT)
Received: from cschuber.net.gov.bc.ca(142.31.240.113), claiming to be "cwsys.cwsent.com"
 via SMTP by passer.osg.gov.bc.ca, id smtpdh21273; Thu Oct 15 06:57:32 1998
Received: (from uucp@localhost) by cwsys.cwsent.com (8.8.8/8.6.10) id GAA06509; Thu, 15 Oct 1998 06:57:28 -0700 (PDT)
Message-Id: <199810151357.GAA06509@cwsys.cwsent.com>
Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys"
 via SMTP by localhost.cwsent.com, id smtpdII6505; Thu Oct 15 06:57:21 1998
X-Mailer: exmh version 2.0.2 2/24/98
Reply-to: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
From: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
X-Sender: cy
To: "Jeffrey J. Mountin" <jeff-ml@mountin.net>
cc: mike@seidata.com, "N. N.M" <madrapour@hotmail.com>,
        freebsd-security@FreeBSD.ORG, mjenkins@carp.gbr.epa.gov
Subject: Re: Again logging! 
In-reply-to: Your message of "Wed, 14 Oct 1998 14:31:46 CDT."
             <3.0.3.32.19981014143146.0105ff00@207.227.119.2> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 15 Oct 1998 06:57:20 -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Yes, but the facility is LOG_AUTH if you use the port.  The original source
> uses LOG_MAIL for some odd reason.  Either way it should be logged in
> messages with the original install's syslog.conf, which lumps it in with
> other daemons.
> 
> Personally I change patch-aa to use LOG_LOCAL7 and in syslog.conf I direct
> local7.* to /var/log/tcpd, which IMO should have a logfile to itself.  Then
> again I like to break things down more than the original syslog.conf does,
> which makes it easier to sift out the chaff.

Or you could configure tcpd to log to a file instead of syslog, though 
I wouldn't recommend it.  (I know many sysadmins who do).

I especially like Mike Jenkins' comment.  An excellent suggestion.

I've noticed that the ports, some in particular, have become quite 
configurable.  Yet another opportunity...


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Open Systems Group          Internet:  cschuber@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Government of BC            




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message