#32 Log auth failures in syslog
Closed: Fixed None Opened 12 years ago by simo.

We need to capture auth problem in /var/log/secure so that admins have a clue about why auth is failing.

Long term, might get fixed easily when we integrate ELAPI

Fields changed

fixedin: =>
owner: somebody => sbose

Fields changed

priority: major => critical

Moving to bugfix-only development until after 0.5.0. Lowering priority.

priority: critical => major
version: 1.0 => 0.4.1

fixed with 697733a

resolution: => fixed
status: new => closed

Fields changed

doc: => 0
docupdated: => 0
fixedin: => 0.6.0
tests: => 0
testsupdated: => 0

Fields changed

tests: 0 => 1

I am not seeing auth failures in /var/log/messages?

Fields changed

resolution: fixed =>
status: closed => reopened

We are going to handle this differently in the short-term.

For right now, we will add an option to write debug information to debug logs (specifiable in the sssd.conf).

Sorry, but this will change your tests.

owner: sbose => jhrozek
status: reopened => new

I think we have a double misunderstanding here. jgalipea was looking for messages from pam_sss in /var/log/messages, but they appear in /var/log/secure, because pam_sss logs with LOG_AUTHPRIV. This bug is not related to the debug information written by the sssd components.

Ah, my mistake. I misunderstood.

owner: jhrozek => sbose

Jenny, you need to parse /var/log/secure for these messages instead of /var/log/messages.

resolution: => fixed
status: new => closed

adding check for authentication failure messages in /var/log/secure for permission denied automated authentication tests.

tests: 1 => 0

Fields changed

testsupdated: 0 => 1

Fields changed

rhbz: => 0

Metadata Update from @simo:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.0

4 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/1074

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.