mirror/guix
1
0
Fork 0
mirror of https://git.savannah.gnu.org/git/guix.git synced 2025-01-19 05:57:04 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

services: syslog: Log auth.info to /var/log/secure in default configuration.

Browse source 
This causes authentication failures such as those generated by SSH brute force
attacks to appear in /var/log/secure, which is picked up by tools such as
fail2ban.

* gnu/services/base.scm (%default-syslog.conf): Add a auth.info selector for
the /var/log/secure log.

Series-to: 62802@debbugs.gnu.org
This commit is contained in:
Maxim Cournoyer 2023-04-12 20:52:39 -04:00
parent 9f890e39e4
commit 2c1e17071d
No known key found for this signature in database
GPG key ID: 1260E46482E63562
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
gnu/services/base.scm
View file

@ -1521,7 +1521,9 @@ (define %default-syslog.conf
# The authpriv file has restricted access.
# 'fsync' the file after each line (hence the lack of a leading dash).
authpriv.* /var/log/secure
# Also include unprivileged auth logs of info or higher level
# to conveniently gather the authentication data at the same place.
authpriv.*;auth.info /var/log/secure
# Log all the mail messages in one place.
mail.* -/var/log/maillog