David Newall
2021-Sep-29 09:50 UTC
Howto log multiple sftpd instances with their chroot shared via NFS
Hi Hildegard, On 29/9/21 6:54 pm, Hildegard Meier wrote:>> Von: "Hildegard Meier"<daku8938 at gmx.de> >> If one does not use the/dev/log in the chroot environment (that is /var/data/chroot/<username>/dev/log absolute), you have a global sftpd log (I think in /var/log/messages on the server or something like that). > Sorry I think this is not true, I think I confused this with the first situation when I did not fetch each sftp chrooted user's /dev/log with a specific syslog-ng source config, > but just the whole sftp session logs from all users wnet to facility LOCAL5 and I fetched facility LOCAL5 into one log file. But /dev/log in each sftp user's chroot dir was required for that, though.I don't think it should be this hard to fix.? I'd like to help. I'm sorry if the questions have already been asked; if so, I missed it. What is /dev/log on each server (not the one in chroot).? I.e. output of ls -l /dev/log As Peter Stuge said, if you're using internal-sftp, the log device would be opened at start of sshd.? For external sftp, what is /dev/log in each NFS chroot?? I.e. output of ls -l /var/data/chroot/dev/log What OS are used on your sftp server (i.e. not the NFS server, and not the sftp client machine.) Regards, David
Hildegard Meier
2021-Sep-29 10:25 UTC
Aw: Re: Howto log multiple sftpd instances with their chroot shared via NFS
>I don't think it should be this hard to fix.? I'd like to help.Thanks David, your help is much appreciated.>What is /dev/log on each server (not the one in chroot).? I.e. output of ls -l /dev/logOn the next generation sftp server (Ubuntu 18.04.1 LTS with it's shipped OpenSSH 7.6p1-4ubuntu0.5): ls -l /dev/log lrwxrwxrwx 1 root root 28 Aug 27 11:54 /dev/log -> /run/systemd/journal/dev-log On the old (to be replaced with the new) sftp server (Ubuntu 12.04.5 LTS with it's shipped OpenSSH 5.9p1-5ubuntu1.10): ls -l /dev/log srw-rw-rw- 1 root root 0 Sep 23 15:07 /dev/log>For external sftp, what is /dev/log in each NFS chroot?? I.e. output of ls -l /var/data/chroot/dev/logBoth above sftp servers (old and new generation) mount /var/data/chroot/ from a third NFS server appliance. Every sftp user has it's (chroot) home dir /var/data/chroot/<username>/ under that single NFS mount. E.g. for the user "sftp_nagios" this is ls -l /var/data/chroot/sftp_nagios/dev/log srw-rw-rw-+ 1 root root 0 Sep 29 11:26 /var/data/chroot/sftp_nagios/dev/log Best regards