Re: New user for logcheck
On Sat, 20 Nov 1999, Michael Stone wrote:
> On Sat, Nov 20, 1999 at 04:09:28PM +0000, Rene Mayrhofer wrote:
> > Logcheck is a new package in potato and it's purpose is to check the
> > system log files for unusal parts. It is a shell script that is run from
> > cron.
> > I got a suggestion for the logcheck package that I like. The suggestion
> > was that logcheck should run as an own uid with the gid 'adm' (so that
> > it can read the system log files). That would mean that a new uid is
> > needed (or does it make sense to use an existing one - I don't think
> > so).
> > Would that be a problem ?
>
> What does the new userid buy us? Does the script accept user input? Does
> it create files? What about running it as nobody?
Presumably it needs to run as a sufficiently privileged user to actually
read the logfiles, so nobody's no good (as it were...;)
Jules
/----------------+-------------------------------+---------------------\
| Jelibean aka | jules@jellybean.co.uk | 6 Evelyn Rd |
| Jules aka | jules@debian.org | Richmond, Surrey |
| Julian Bean | jmlb2@hermes.cam.ac.uk | TW9 2TF *UK* |
+----------------+-------------------------------+---------------------+
| War doesn't demonstrate who's right... just who's left. |
| When privacy is outlawed... only the outlaws have privacy. |
\----------------------------------------------------------------------/
Reply to: