From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: [PATCH 1/3] apply logging settings for OpenSSH correctly Date: Tue, 01 May 2018 14:40:11 +0200 Message-ID: <6d69e16d-e93b-6c91-a7c1-7731f821e537@link38.eu> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1800415839241894937==" List-Id: --===============1800415839241894937== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable The logging settings for OpenSSH (log to syslog with "AUTH" facility at "INFO" level) were not applied correctly. This patch fixes that for both installed systems and the LFS file. Partially addresses #11538. Signed-off-by: Peter M=C3=BCller --- config/rootfiles/core/121/update.sh | 6 ++++++ lfs/openssh | 4 ++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/config/rootfiles/core/121/update.sh b/config/rootfiles/core/121/= update.sh index 87d5f6ebd..5b8f2c86e 100644 --- a/config/rootfiles/core/121/update.sh +++ b/config/rootfiles/core/121/update.sh @@ -56,7 +56,13 @@ rm -rvf \ /usr/share/nagios/ \ /var/nagios/ =20 +# Update SSH configuration +sed -i /etc/ssh/sshd_config \ + -e 's/^#SyslogFacility AUTH$/SyslogFacility AUTH/' \ + -e 's/^#LogLevel INFO$/LogLevel INFO/' + # Start services +/etc/init.d/sshd restart /etc/init.d/apache restart =20 # This update needs a reboot... diff --git a/lfs/openssh b/lfs/openssh index 203446370..46561953d 100644 --- a/lfs/openssh +++ b/lfs/openssh @@ -91,8 +91,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) -e 's/^#\?IgnoreUserKnownHosts .*$$/IgnoreUserKnownHosts yes/' \ -e 's/^#\?UsePAM .*$$//' \ -e 's/^#\?X11Forwarding .*$$/X11Forwarding no/' \ - -e 's/^#\?SyslogFacility AUTH .*$$/SyslogFacility AUTH/' \ - -e 's/^#\?LogLevel INFO .*$$/LogLevel INFO/' \ + -e 's/^#SyslogFacility AUTH$/SyslogFacility AUTH/' \ + -e 's/^#LogLevel INFO$/LogLevel INFO/' \ -e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/' \ -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$$||' \ --=20 2.13.6 --===============1800415839241894937== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjIKCmlRSWNCQUVC Q2dBR0JRSmE2R0FyQUFvSkVObEk4Zzk5ZTU5b0JJd1AvUkluNjZUVDYxdmphMk9zaXNTamYvNlQK anNCaHNuMTJEdzBET296NGlkUnZERmx4dmRacStHWllGRkFGNUc0eEIxWnROMWFhazlHQjQ5MDNy TlpLVHlWbQphM3Y0dnFsYXFXZ29IcGZpQW9seEVsbExMekFxQUhVYUhVRmhEQThqUDZnL1B0OTV4 aVRORkpLMmQ1SEIwSDhnCi9KbkNseUx0YTRleGZPUnJWWlZEU3VrM1l5Z0N0aVBsZHRBdGJVWVFN czRvL2UzbldKK3ZFSzlTeEswUjNvL3EKdXlyb2Y4ZlZXM0NTSHhvd2Y1Q1VrTUxOQ0wvK09aQ0lM SHJESmhGQnNzKy9OUy9kVjlSeTdxMXUvNlVVK2V6SgpBNGFzdS8rKzlqNmdMczN5WGI5eWtxdXA2 WEdJVkJnc0Z2NnpEMjVQUk1DZWEvSW5kL2w0c1UrZW9PNFdKck9QCmhicGhQTXNMeE1pR05POG8r OHJhZ3BDUldTbFZhY2FpYmlFZjBvVmZhVVZRWW1WOTJRNUFObjdHWUNKY29kZHMKc3k0MU13eGZ3 NWJUOWpaTTRFek5tRlF3bkdoWlhsdk10c3gvaTJEUTVLMTJ5Q0xhbW9zU0tBMUR3RTFzNFdMQwpN MzNTZHpXclNLWm9rc2tJSkdjMVAvSXFLbkFlS2xmUDRmeklwbFJzM01kcVV3YVFoSHllU1Y3a3RS K2hWb242CmV4WldMQjFRRnlaVFFmcXV3NE5XenhYRituK1FyaHorNllCTTFRL05COEk5Y0hRQTVS YVpKQVJmcDFhVHFwVkkKaUU1QlF1UDcxMThHc1pYblBXcWFXMjhWRk45OW9YRXlTbThtTURjOFFu Ty83amxEdjdydDMzaEZhUGhhenBUcQpTRHZPbmZCVnpOeGlpT1pRRVZRQQo9SkFlYQotLS0tLUVO RCBQR1AgU0lHTkFUVVJFLS0tLS0K --===============1800415839241894937==--