I've implemented the /dev/log socket inside my chroot environment. I'm
able to log the users interactions with the server, but I have one
remaining issue. The logs don't contain and usernames or userids. The
process ID is logged and we could go through and try to associate the
process ID with the user who logged in, but I was hoping to find an
easier way. We need to be able to generate reports from these logs. Is
there a configuration change or patch that would include either userid
or username in the line posted to syslog?

Thanks for your help!


>On Sun, May 4, 2008 at 12:00 PM, Dan Yefimov


>> On Sun, 4 May 2008, john wrote:


>> > > What exact steps have you taken to accomplish what Damien


>> >


>> > Yes sorry Dan, I should have been specific.

>> >

>> > I created a file in my chroot root called /home/dev/auth.log

>> >

>> > Then I edited syslogd to write auth log to that location and

restarted syslogd.

>> >

>> It was wrong yet from this point. You should have created directory

named 'dev'

>> located right in your chroot directory. No syslogd.conf editing was


>> After that you should have reloaded your syslogd with additional

>> '-a /dev/log' parameter. And that's


>> --


>> Sincerely Your, Dan.




>Sorry for the delayed response,


>Dan and Peters pointer to using the syslogd -a option worked well.

>This is solution is fine for us, if a bit arcane. Since I can imagine

>this being a frequent request/complaint/misunderstanding about the way

>chrooting works with sftp it might save people a lot of time in the

>future if the man page gave a little note and example of how to log

>from within an sftp chroot.


>Thanks very much for your help. I really appreciate it!




>openssh-unix-dev mailing list



openssh-unix-dev mailing list