I prompted a failed su attemp in order to observe the log.
However, I couldn't find where su writes its logs.
My box is Kali 2019.
I commented out the SULOG section in my /etc/login.defs file
# If defined, all su activity is logged to this file.
#
SULOG_FILE /var/log/sulog
Despite having done that I still don't have sulog file in /var/log.
I created one manually and made the wrong attempt again but nothing.
I am missing something?
Thank you all in advance.
many times, login attempts or request for a new login shell are logged into os mailbox and/or on your system log.
It depend on your os default configs.
Try to check file:
/var/spool/mail/
or try:
journalctl -r
to see all your system log starting by newest
Related
I have a service configured in systemd that runs a binary file and it runs constantly. The problem is that after running this binary file, you have to confirm Terms&Conditions by typing y in the terminal and validating it by click Enter. I cannot run this file through this, because the systemctl status appears to me as failed, because of lack of validation. Does anyone know how I can run this service and automatically accept Terms in terminal?
I figured it out in such a way:
I created .sh file in usr/bin with this content:
#!/usr/bin/bash
yes | /home/marek/webcash/webminer
Then I created config file in systemd with ExecStart: /path/to/file.sh
and now it works - systemd is running correctly, the logs are logging, the answer "yes" was typed only once in binary file when the user prompt appeared.
I have a freeradius server setup with google authenticator to provide a basic working multi-factor setup.
Everything works when I run radiusd in debug mode as root. If I start it as a service, logons fail and this messages is recorded when processing messages:
radiusd(pam_google_authenticator)[1115]: Failed to read "/home/user#domain.com/.google_authenticator" for "user#domain.com"
I think this must be a permissions issue since it works fine when run as root.
I don't really want to edit the permissions on each secret file for every user.
I have tried specifying root in
/etc/raddb/radiusd.conf
user = root group = root
but still the service fails unless run from the command line as root. Does anyone have a nice elegant solution to this conundrum?
I think you should check out your systemd service file for radiusd. It might look something like:
https://github.com/ipfire/ipfire-3.x/blob/master/freeradius/systemd/freeradius.service
You can add User= and Group= in the [Service] section of the .service file if needed. See
https://unix.stackexchange.com/questions/347358/how-to-change-service-user-in-centos-7
and
https://serverfault.com/questions/806617/configuring-systemd-service-to-run-with-root-access
It would be a good idea to put the contents of the .service file for radiusd in your post.
i have written a bash script. If I run this script manually on same server then its output is
CRITICAL:Something really bad is happening on server.CPU load of Process id: 11109
for user: root with command: java is 76.5
Then I configured its alert on nagios, and nagios is reading its output like
CRITICAL:Something really bad is happening on server.CPU load of Process id:
for user: with command: is
Means values are missing driven from file.
That's most likely happening because generally Nagios uses a user "nagios" or "nrpe" to execute the script plugins and that user is not able to view all processes like root does or does not have the permission to read the file you are asking it to read. You should give the nrpe user permission to read via "sudo" to solve your issue. Please note that in order to run sudo with a user that does not log in(as the Nagios user), you also nees to commebt out the Require tty parameter from /etc/sudoers file.
I have installed Torque-4.2.6 version. My machine has RHEL 6 Operating System. I have installed through user1 login as it has root permission. It is working properly whenever I execute 'pbsnodes -a' command. If I'm login through user2 onto the same machine, whenever I execute 'pbsnodes -a' then it is throwing the following error.
pbs_iff: cannot read reply from pbs_server
No Permission.
pbsnodes: cannot connect to server 'node1', error=15007 (Unauthorized Request )
There no such executable as pbs_iff. What could be the problem.? Can anyone help me.?
Here is my experience with PbsPro, I would assume it works similar with Torque.
What you need is to change the pbs_iff mod to -rwsr-xr-x by:
chmod 4755 /opt/pbs/.../sbin/pbs_iff
Refer to the location of pbs_iff file in your system. Note it is in the pbs.../sbin folder instead of the bin folder.
Per https://serverfault.com/questions/253932/torque-works-half-of-the-time-fails-no-permission-the-other-half -- there may be an issue with the queue being clogged with corrupt jobs, possibly from a dead node, so manually clearing out
/var/spool/torque/server_priv/jobs/
and
/var/spool/torque/server_priv/arrays/
and restarting pbs_server may solve the issue.
Note you will obviously have to resubmit these jobs back to the queue
qmgr
Qmgr:set set server acl_host_enable=False
I have installed successfully the roar-penguin pppoe-server and trying to use it without success, what I don't understand is that, when I put in my /etc/ppp/pppoe-server-options
debug
logfile /var/log/pppoe-server-log
But that file is not created and I don't understand what happens. It is really hard for me find a solution. Do you know how can I enable the debugging ?
My problem is that I catch every time (Wireshark sniffing) the
RP-PPPoE: Child pppd process terminated
In the PADT message, any help ?
Thanks in advance.
From your question not being formatted, verify that debug and logfile in /var/log/pppoe-server-log are on separate lines in your configuration file. Also, ensure that you've restarted the service to utilize the new configuration. If the service is not running as root, be sure that the user it runs as has ownership over the logfile to write to it. If it is running as root, ensure the file exists and that it's writable.
If it doesn't exist, just run:
# touch /var/log/pppoe-server-log
# chmod 0774 /var/log/pppoe-server-log
I would think this should be done automatically, but you may as well do so just to ensure it's created properly and you can verify ownership/permissions as needed.