From: Barry Jaspan Date: Fri, 12 Nov 1993 02:35:28 +0000 (+0000) Subject: improve syslog information X-Git-Tag: krb5-1.0-beta3~148 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=9598bc39b08e3f1d8bb0313b134c430301ec2308;p=krb5.git improve syslog information git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2900 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/doc/kadm5/api-funcspec.tex b/doc/kadm5/api-funcspec.tex index 4df2d6feb..171c450c7 100644 --- a/doc/kadm5/api-funcspec.tex +++ b/doc/kadm5/api-funcspec.tex @@ -1333,7 +1333,13 @@ privileges listed in the second field the ACL entry. The Admin server will log various events via the syslog mechanism (see the syslog(3) manual page). The level depends on the notice, the facility is LOG_LOCAL6, and notices are identified with the name -``ovsec_adm_server''. +``ovsec_adm_server''. Each syslog message described below begins with +a prefix including the time the message was logged, the host name of +the logging machine, and the pid of the logging process: + +\begin{verbatim} +Nov 11 12:37:26 suan-la-chow-show ovsec_adm_server[9229]: +\end{verbatim} \subsubsection{Miscellaneous Messages} @@ -1366,14 +1372,14 @@ GSS-API context establishment). This error occurs inside the RPC; the admin server is notified via a callback. \begin{verbatim} -Authentication Failed: , +Authentication attempt failed: , \end{verbatim} Example: A buggy client attempts to authenticate to the admin server as the existing but invalid service name ``mailserver@REALM.COM'': \begin{verbatim} -Authentication Failed: 192.231.148.11, Miscellaneous error, Wrong +Authentication attempt failed: 192.231.148.11, Miscellaneous error, Wrong principal in request \end{verbatim} @@ -1384,7 +1390,7 @@ decoded by the admin server. It can be the result of a a garbled attack, or a header/argument splicing attack. \begin{verbatim} -Authentication failure: , claimed client = , claimed client = , service = , addr = \end{verbatim} @@ -1392,7 +1398,7 @@ Example: An attacker attempts to replay a previously valid ``create principal'' message from jon/admin@REALM.COM: \begin{verbatim} -Authentication failure: ovsec_kadm_create_principal, claimed client = +WARNING! Forged/garbled request: ovsec_kadm_create_principal, claimed client = jon/admin@REALM.COM, service = admin@REALM.COM, addr = 192.231.148.12 \end{verbatim}