Red Hat Bugzilla – Bug 178813
Logging via syslog for allow entries fails
Last modified: 2007-11-30 17:07:22 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7
Description of problem:
In /etc/hosts.allow I have:
sshd : 141.163. : severity daemon.warning : ALLOW
In /etc/syslog.conf I have:
Accessing ssh from within 141.163 does not get the connection attempt logged by TCP wrappers. I have tried this with the exim MTA too and the same happens (nothing logged). Any 'deny' configuration seems to get the attempt logged correctly, it is just the 'allow' ones that don't seem to get logged.
The same problem occurs on Fedora Core 4 as well.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Configure /etc/hosts.allow with an 'allow' entry as above.
2. Configure /etc/syslog.conf to log the relevant priority to a file (and restart syslogd).
3. Attempt to connect to the server from the given IP range.
Actual Results: Nothing gets logged in the configured log file (or any other log file that I can see).
Expected Results: An entry should get logged to the log file saying that a user has been given access by the TCP daemon.
Other rpm versions involved:
The tcp_wrappers do no logging at all. It's up to the individual services to log
Yes, it seems so. I have looked at this again this afternoon. Using 'severity'
in the hosts.allow file generally seems to be ignored. Sshd will log users
allowed to connect, but using the facility/severity specified in the
/etc/ssh/sshd_config file. Exim doesn't seem to log allowed connections at all,
despite allowing connections to be controlled by tcp_wrappers.
I'm sorry to have wasted your time over this. I shall close the call.
-- Hmm, well I tried to close the call. I kept getting an error saying that only
the owner or submitter of the bug can close the call. I am the submitter, am
logged in to bugzilla, but it isn't letting me close it. Someone else will have
to do that. Sorry.