From: Diomidis Spinellis
Date: Fri, 20 Apr 2007 09:01:57 +0300
To: Poul-Henning Kamp
Cc: arch@FreeBSD.org, Robert Watson, re@FreeBSD.org
Subject: Re: Accounting changes

Poul-Henning Kamp wrote:
> In message <4627DD51.9020003@aueb.gr>, Diomidis Spinellis writes:
>> Poul-Henning Kamp wrote:
>>> In message <20070419212253.L2913@fledge.watson.org>, Robert Watson writes:
>>>
>>>>> __dev_t ac_tty; /* controlling tty */
>>> This field is useless, nobody uses hardwired RS-232 terminals
>>> anymore.
>>>
>>> What we should do is add a systemcall or sysctl, so session creators
>>> like getty, sshd and similar can install a session identifying string
>>> on the session, and then dump that in the accounting.
>>>
>>> sshd would log IP+port and possibly also credential used for auth.
>>>
>> Isn't this purpose mostly served by joining the accounting record with
>> wtmp on the ll_line field to obtain the IP address from the ll_host field?
>
> The IP number alone is not a "session identifier", you want the ID
> of the credential that gave access as well.

Agreed. But, still, the credential identifier should be part of wtmp
and not burden every accounting record. There is also the problem of
processes running without a controlling terminal, like non-interactive
ssh commands, crontab jobs, and so on. Let's try to solve this in a
next version of the accounting record, which should be a lot easier to
implement, once we get this one right.
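
The wtmp join discussed in this message, as an added example that is not part of the original e-mail or of FreeBSD's code: it attributes accounting records to a login host by tty line and start time, and shows that records without a controlling terminal stay unattributed. The record layouts, field names and sample values are simplified assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Session:
    """One login..logout interval rebuilt from wtmp (simplified, assumed layout)."""
    line: str               # tty line name
    user: str
    host: str               # remote host recorded at login
    login: int              # epoch seconds
    logout: Optional[int]   # None while the session is still open

@dataclass
class Acct:
    """One process accounting record (simplified, assumed layout)."""
    comm: str
    user: str
    tty: Optional[str]      # None when there is no controlling terminal
    btime: int              # process start time, epoch seconds

def source_host(rec: Acct, sessions: list[Session]) -> Optional[str]:
    """Return the login host for rec, or None when it cannot be attributed."""
    if rec.tty is None:
        return None         # cron jobs, non-interactive ssh commands
    for s in sessions:
        # tty lines are reused, so the start time must fall inside the session
        in_window = s.login <= rec.btime and (s.logout is None or rec.btime <= s.logout)
        if s.line == rec.tty and in_window:
            return s.host
    return None

# Constructed sample data (documentation address ranges).
SESSIONS = [
    Session("ttyp0", "alice", "192.0.2.10", 1000, 2000),
    Session("ttyp0", "bob", "198.51.100.7", 3000, None),
]
RECORDS = [
    Acct("ls", "alice", "ttyp0", 1500),
    Acct("vi", "bob", "ttyp0", 3500),
    Acct("newsyslog", "root", None, 1800),   # started by cron
    Acct("rsync", "alice", None, 1900),      # non-interactive ssh command
]

def report() -> list[tuple[str, Optional[str]]]:
    """Pair each sample command with its attributed host (None if unattributed)."""
    return [(r.comm, source_host(r, SESSIONS)) for r in RECORDS]

if __name__ == "__main__":
    for comm, host in report():
        print(f"{comm:10} {host or 'unattributed'}")
```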