Logging details - Kerberos

This is a discussion on Logging details - Kerberos ; Anyone know where one can get find information on syslog events for krb5kdc ? Googled with no success, and man pages and docs seem to be lacking in this respect. Regards, Ted ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Logging details

  1. Logging details

    Anyone know where one can get find information on syslog events for
    krb5kdc ?
    Googled with no success, and man pages and docs seem to be lacking in
    this respect.

    Regards,
    Ted

    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  2. Re: Logging details

    You should be able to configure this in your /etc/krb5.conf file
    as follows:

    [logging]
    kdc=FILE:/var/log/kdc.log

    or similar. I found this in the krb5.conf manpage on a Solaris system;
    this manpage (and the krb5(3) manpage) don't seem to exist on my Debian
    sarge system. krb5(3) isn't on the Solaris box either, actually; I don't
    know that I've seen that manpage anywhere, come to think of it.

    I've reproduced below the text of this manpage in the logging section in
    case what you want to do is more complicated than what I described.

    Hope this helps,

    -r.

    ---

    LOGGING SECTION
    The [logging] section indicates how a particular entity is
    to perform its logging. The relations specified in this
    section assign one or more values to the entity name.

    Currently, the following entities are used:

    kdc These entries specify how the KDC is to perform its
    logging.

    admin_server
    These entries specify how the administrative server is
    to perform its logging.

    default
    These entries specify how to perform logging in the
    absence of explicit specifications otherwise.

    Values are of the following forms:

    FILE=

    FILE:
    This value causes the entity's logging messages to go
    to the specified file. If the = form is used, then the
    file is overwritten. Otherwise, the file is appended
    to.

    STDERR
    This value causes the entity's logging messages to go
    to its standard error stream.

    CONSOLE
    This value causes the entity's logging messages to go
    to the console, if the system supports it.

    DEVICE=
    This causes the entity's logging messages to go to the
    specified device.

    SYSLOG[:[:]]
    This causes the entity's logging messages to go to the
    system log.

    The severity argument specifies the default severity of
    system log messages. This may be any of the following
    severities supported by the _^Hs_^Hy_^Hs_^Hl_^Ho_^Hg(_^H3) call minus the
    LOG_ prefix: LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR,
    LOG_WARNING, LOG_NOTICE, LOG_INFO, and LOG_DEBUG. For
    example, to specify LOG_CRIT severity, one would use
    CRIT for severity.


    The facility argument specifies the facility under
    which the messages are logged. This may be any of the
    following facilities supported by the _^Hs_^Hy_^Hs_^Hl_^Ho_^Hg(_^H3) call
    minus the LOG_ prefix: LOG_KERN, LOG_USER, LOG_MAIL,
    LOG_DAEMON, LOG_AUTH, LOG_LPR, LOG_NEWS, LOG_UUCP,
    LOG_CRON, and LOG_LOCAL0 through LOG_LOCAL7.

    If no severity is specified, the default is ERR, and if
    no facility is specified, the default is AUTH.

    In the following example, the logging messages from the KDC
    will go to the console and to the system log under the
    facility LOG_DAEMON with default severity of LOG_INFO; and
    the logging messages from the administrative server will be
    appended to the file /var/adm/kadmin.log and sent to the
    device /dev/tty04.

    [logging]
    kdc = CONSOLE
    kdc = SYSLOG:INFOAEMON
    admin_server = FILE:/var/adm/kadmin.log
    admin_server = DEVICE=/dev/tty04


    On Tue, May 24, 2005 at 06:30:42AM -0400, Ted Kaczmarek wrote:
    > Anyone know where one can get find information on syslog events for
    > krb5kdc ?
    > Googled with no success, and man pages and docs seem to be lacking in
    > this respect.
    >
    > Regards,
    > Ted
    >
    > ________________________________________________
    > Kerberos mailing list Kerberos@mit.edu
    > https://mailman.mit.edu/mailman/listinfo/kerberos


    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (GNU/Linux)

    iD8DBQFCkzfSrAG/UVUP/b0RAgQOAKCaCHz+A+CmW5b+02B+2nUQhBO3OQCgrBTd
    DspIL7VJiRfOlvt3rboCFjQ=
    =yvt5
    -----END PGP SIGNATURE-----


+ Reply to Thread