1581 – Pb with syslog

Bug 1581 - Pb with syslog

Summary: Pb with syslog

Status:	CLOSED INVALID

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	5.2p1
Hardware:	SPARC Solaris

Importance:	P1 major
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-04-01 01:41 AEDT by eric.savidan
Modified:	2009-10-06 15:02 AEDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description eric.savidan 2009-04-01 01:41:33 AEDT

Hello,

I can not get logs with syslog daemon, nor syslog-ng daemon.

On my Solaris 9 server, I've got sshd (3.7.1p2_build2004-04-23) installed natively in the OS (/usr/local/sbin/sshd).

I added another openssh instance, on a different port, different PID file, ... It's working fine but I've got no log.

I tried with "SyslogFacility AUTH" and "SyslogFacility LOCAL2" but always KO.

I added this line in /etc/syslog.conf file :
local2.info                      /var/adm/syslog/ESASSH2.log

If i use logger command, /var/adm/syslog/ESASSH2.log is updated :
logger -p local2.info "Message for LOCAL2 facility"
==>
cat /var/adm/syslog/ESASSH2.log
-->
Mar 31 14:57:38 fepapp-ren-s029 root: [ID 702911 local2.info] Message for LOCAL2 facility

I tried to configure syslog-ng daemon but without success.

So, I don't know if it's a openssh problem or a syslog problem ?

Thanks in advance for your help.

Regards

PS : I have to validate this architecture till the end of this week

Comment 1 Darren Tucker 2009-04-05 22:32:27 AEST

3.7x is many years old and since it seems to be a modified binary we have no way of knowing what's in it.  I suggest you seek help from whoever provided you the binary.

The only thing I can guess is that you're modifying a sshd_config file other than the one sshd is looking at (but again, since it's binary of unknown provenance I don't know what it's doing).

Can you reproduce the problem with a version compiled from the source at http://www.openssh.com?

Comment 2 eric.savidan 2009-04-07 02:35:14 AEST

Hello,

in fact, on my server, there are 2 openssh servers :
- openssh 3.7 installed natively by Solaris OS
- openssh 5.2p1 that I compiled and installed separately

I use openssh.server script to stop and start my openssh 5.2p1 server.

And I've just realized that the "-e" option was set. So no log via syslog... Sorry.

So, I think, there is no bug with openssh.

Just a question : I get connection logs but there is no log concerning transfers of data (get, put, ...). Is it normal ?

Regards.

Comment 3 Darren Tucker 2009-04-07 10:17:23 AEST

(In reply to comment #2)
> Just a question : I get connection logs but there is no log concerning
> transfers of data (get, put, ...). Is it normal ?

sftp logging is relatively new (it's not in 3.7, it is in 5.2) and is not on by default.  See the sftp-server(8) man page.

Comment 4 eric.savidan 2009-04-10 18:02:03 AEST

Thanks for your help :-)

Regards.

Comment 5 Damien Miller 2009-10-06 15:02:48 AEDT

Mass move of RESOLVED bugs to CLOSED now that 5.3 is out.