From owner-freebsd-questions@FreeBSD.ORG  Thu Jun  9 13:11:45 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 71F6416A41C
	for <freebsd-questions@freebsd.org>;
	Thu,  9 Jun 2005 13:11:45 +0000 (GMT) (envelope-from emin@mccme.ru)
Received: from ns.mccme.ru (ns.mccme.ru [62.117.108.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AD9E343D48
	for <freebsd-questions@freebsd.org>;
	Thu,  9 Jun 2005 13:11:44 +0000 (GMT) (envelope-from emin@mccme.ru)
Received: from mccme.ru (IDENT:root@mccme.ru [62.117.108.7])
	by ns.mccme.ru (8.12.10/8.12.10) with ESMTP id j59DM5v4039061
	for <freebsd-questions@freebsd.org>;
	Thu, 9 Jun 2005 17:22:05 +0400 (MSD) (envelope-from emin@mccme.ru)
Received: from mccme.ru (IDENT:emin@localhost.mccme.ru [127.0.0.1])
	by mccme.ru (8.9.3/8.9.3) with SMTP id RAA18993
	for <freebsd-questions@freebsd.org>; Thu, 9 Jun 2005 17:12:23 +0400
Date: Thu, 9 Jun 2005 17:12:23 +0400
From: "Eugene M. Minkovskii" <emin@mccme.ru>
To: freebsd-questions@freebsd.org
Message-ID: <20050609131223.GA18795@mccme.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.4.2.1i
Organization: MCCME Moscow
X-MCCME-Spam: No, score=0.346 required=5 tests=AWL, FORGED_RCVD_HELO, HOT_NASTY,
	SPF_HELO_PASS
Subject: (fwd) sshd events
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jun 2005 13:11:45 -0000

Hello.

I need fixing in mysql database sshd events: some user try to
loggin in from ip xxx.xxx.xxx.xxx and use account xxx. But my
/var/log/auth.log has not nessesary information (for example: if
I put some users into AllowGroups, in logs I can read something
like this: "User xxx not allowed because none of user's groups
are listed in AllowGroups", and I can't see from what IP I got
this request.)

Moreover, I think parsing auth.log is not beautelul idea. Can
sshd do some actions after he allow or deny connection? Can he
run some script with some arguments?

-- 
Sensory  yours, Eugene  Minkovskii
Сенсорно ваш,   Евгений Миньковский