Bug 684577

Summary: Logwatch does not recognise ssh Kerberos (GSS) logins.
Product: Red Hat Enterprise Linux 5 Reporter: Aleksey Nogin <aleksey>
Component: logwatchAssignee: Jan Synacek <jsynacek>
Status: CLOSED ERRATA QA Contact: David Kutálek <dkutalek>
Severity: low Docs Contact:
Priority: unspecified    
Version: 5.6CC: ktdreyer
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 974046 (view as bug list) Environment:
Last Closed: 2012-08-29 11:17:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 974046    
Attachments:
Description Flags
Patch none

Description Aleksey Nogin 2011-03-13 15:35:40 UTC 
Our company have recently switched to using Kereberos authentication and configured sshd to allow GSS logins. This results in entries in logwatch emails of the form:

 **Unmatched Entries**
 Authorized to user, krb5 principal user (krb5_kuserok) : 1 time(s)
Comment 1 Ken Dreyer 2011-09-12 16:14:41 UTC 
Also present on RHEL 6.1.
Comment 2 RHEL Program Management 2011-09-23 00:28:35 UTC 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 3 Jan Synacek 2012-06-27 12:16:29 UTC 
Created attachment 594750 [details]
Patch

Correctly handle krb logins.
Comment 7 errata-xmlrpc 2012-08-29 11:17:12 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-1217.html