| Summary: | RFE audit logging improvement | ||
|---|---|---|---|
| Product: | Red Hat Directory Server | Reporter: | wibrown <wibrown> |
| Component: | Documentation | Assignee: | Marc Muehlfeld <mmuehlfe> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Viktor Ashirov <vashirov> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 10.0 | CC: | mmuehlfe, nhosoi, nkinder, pbokoc, rmeggins, wibrown |
| Target Milestone: | DS10.1 | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-11-21 13:43:19 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
wibrown@redhat.com
2016-01-28 23:16:58 UTC
Hi Will, I was comparing the list of attributes you provided above with the existing list of 'nsslapd-auditlog*' parameters in the Configuration, Command and File Reference, and I found some discrepancies. Can you please take a look and let me know if this is expected or if we're missing some attributes? The following attributes are available for auditlog, but do not have an equivalent in the list you provided for auditfaillog: * nsslapd-auditlog-logrotationsyncmin * nsslapd-auditlog-maxlogsperdir * nsslapd-auditlog-mode The following attribute is in your list for auditfaillog, but does not have an equivalent auditlog attribute: * nsslapd-auditfaillog-logging-hide-unhashed-pw The following attribute is documented for nsslapd-accesslog but not auditlog or auditfaillog or errorlog - although I suspect that might be OK: * nsslapd-accesslog-logbuffering Thanks!
ldap/servers/slapd/slap.h:1941:#define CONFIG_AUDITFAILLOG_MODE_ATTRIBUTE "nsslapd-auditfaillog-mode"
./ldap/servers/slapd/libglobs.c:1130: {CONFIG_AUDITFAILLOG_MODE_ATTRIBUTE, NULL,
./ldap/servers/slapd/slap.h:1941:#define CONFIG_AUDITFAILLOG_MODE_ATTRIBUTE "nsslapd-auditfaillog-mode"
ldap/servers/slapd/slap.h:1945:#define CONFIG_AUDITFAILLOG_MAXNUMOFLOGSPERDIR_ATTRIBUTE "nsslapd-auditfaillog-maxlogsperdir"
ldap/servers/slapd/libglobs.c:1162: {CONFIG_AUDITFAILLOG_MAXNUMOFLOGSPERDIR_ATTRIBUTE, NULL,
ldap/servers/slapd/slap.h:1945:#define CONFIG_AUDITFAILLOG_MAXNUMOFLOGSPERDIR_ATTRIBUTE "nsslapd-auditfaillog-maxlogsperdir"
ldap/servers/slapd/slap.h:1960:#define CONFIG_AUDITLOG_LOGROTATIONSYNCMIN_ATTRIBUTE "nsslapd-auditlog-logrotationsyncmin"
ldap/servers/slapd/libglobs.c:297: {CONFIG_AUDITLOG_LOGROTATIONSYNCMIN_ATTRIBUTE, NULL,
ldap/servers/slapd/slap.h:1960:#define CONFIG_AUDITLOG_LOGROTATIONSYNCMIN_ATTRIBUTE "nsslapd-auditlog-logrotationsyncmin"
Appears to all be there. But it's missing from the 01core389.ldif. Saying this, nsslapd-auditlog-mode and co. are missing from the 389core.ldif too.
What made you think they were missing? They just aren't part of the template dse.ldif, but if you add them they will work ...
The update for Directory Server 10.1 is now available on the Customer Portal. |