Date: Fri, 20 Apr 2007 05:42:31 +0000 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: Diomidis Spinellis <dds@aueb.gr> Cc: arch@FreeBSD.org, Robert Watson <rwatson@FreeBSD.org>, re@FreeBSD.org Subject: Re: Accounting changes Message-ID: <48538.1177047751@critter.freebsd.dk> In-Reply-To: Your message of "Fri, 20 Apr 2007 00:21:21 %2B0300." <4627DD51.9020003@aueb.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <4627DD51.9020003@aueb.gr>, Diomidis Spinellis writes: >Poul-Henning Kamp wrote: >> In message <20070419212253.L2913@fledge.watson.org>, Robert Watson writes: >> >>>> __dev_t ac_tty; /* controlling tty */ >> >> This field is useless, nobody uses hardwired RS-232 terminals >> anymore. >> >> What we should do is add a systemcall or sysctl, so session creators >> like getty, sshd and similar can install a session indentifying string >> on the session, and then dump that in the accounting. >> >> sshd would log IP+port and possibly also credential used for auth. >> > >Isn't this purpose mostly served by joining the accounting record with >wtmp on the ll_line field to obtain the IP address from the ll_host field? The IP number alone is not a "session identifier", you want the ID of the credential that gave access as well. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48538.1177047751>