[syslog-ng] internal-sftp and logs files

Sandor Geller Sandor.Geller at morganstanley.com
Tue Mar 1 17:33:47 CET 2011


Hi,

Did you check with strace where the apps is trying to log? It could
happen that it tries to open /dev/log within the chroot so you should
tell syslog-ng to create/listen on /var/www/naira.com.br/dev/log This
is documented in the sshd_config manpage.

Regards,

Sandor

On Tue, Mar 1, 2011 at 5:23 PM, Naira Kaieski <naira at faccat.br> wrote:
> Good afternoon,
>
> Staff set up openssh to direct users to a certain group members to a
> chroot environment and these users will have access only to the server
> using sftp protocol.
>
> Put in the sshd_config file:
> Match Group customers
>     ChrootDirectory% h
>     ForceCommand internal-sftp-l VERBOSE f-AUTH
>
> Thus each user is directed to the chroot environment indicated in the
> variable% h (home directory defined in / etc / passwd)
>
> An example of directory is:
> User: naira
> Home directory: /var/www/naira.com.br
>
> The problem is that I am not able to capture logs of the user group
> "clients" that are targeted to the chroot environment. Access via
> internal-sftp from other users who do not belong to the "client" I get
> the logs in auth.log files.
>
> I just create dir and file /var/www/naira.com.br/dev/log but i not had
> log files...
>
> I'm using syslog-ng.
>
> Has anyone ever made this kind of setup?
>
> Thanks,
> --
> Naira Kaieski
> Nucleo de Internet/Redes - Faccat
> Linux Professional Institute - LPI000223834
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>


More information about the syslog-ng mailing list