Bug#599240: openssh-server: error message snot logged unless PrivilegeSeparation off
On Wed, Oct 06, 2010 at 07:44:35PM -0700, Russ Allbery <rra@debian.org> wrote:
> Marc Lehmann <schmorp@schmorp.de> writes:
>
> > What luck that I found out how to reproduce it a while later: remove the
> > /etc/shadow entry for the user, and you get connection closed but no log
> > messages whatsoever.
>
> I think that's just because pam_unix doesn't log anything in this case.
> I've run into that before.
I have no clue who logs, but the fact remains that I only get the message
when privsep is off.
> I'm pretty sure this is a red herring, since the account portion of the
> pam_krb5 module (which is where this is checked in pam_unix) is able to
> log to syslog even with PrivilegeSeparation turned on.
Maybe, but the facts stay the same, no log message when privsep is on, and
a (not all that useful) message when it's off.
--
The choice of a Deliantra, the free code+content MORPG
-----==- _GNU_ http://www.deliantra.net
----==-- _ generation
---==---(_)__ __ ____ __ Marc Lehmann
--==---/ / _ \/ // /\ \/ / schmorp@schmorp.de
-=====/_/_//_/\_,_/ /_/\_\
Reply to: