similar to: Audit logs containing 28756E6B6E6F776E207573657229

Hi. The auditd logs are full of lines referencing 28756E6B6E6F776E207573657229 , but I can't identify this account type=USER_LOGIN msg=audit(1364926580.306:249814): user pid=22565 uid=0 auid=4294967295 ses=4294967295 msg='op=login acct=28756E6B6E6F776E207573657229 exe="/usr/sbin/sshd" hostname=? addr=127.0.0.1 terminal=ssh res=failed' What would typically cause this ?

https://bugzilla.mindrot.org/show_bug.cgi?id=2245 Bug ID: 2245 Summary: Multiple USER_LOGIN messages when linux audit support is enabled on bad login Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5

The recently-left programmer did *something*, and he didn't know what, and the guy who picked it up is working with me to find out why /var/log/messages is getting flooded with Oct 26 11:01:06 <servername> kernel: type=1105 audit(1477494066.569:642430): pid=108551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 msg='op=PAM:session_open

I am configuring a new mail server on RHEL 5 x64. I have configured dovecot as follows: ... protocols = imaps ... ssl_cert_file = /etc/pki/dovecot/certs/mailserver.cer ssl_key_file = /etc/pki/dovecot/private/mailserver.pem ... login_process_size = 64 ... mail_location = maildir:~/Maildir ... passdb pam { args = "session=yes cache_key=%u%s dovecot" } ... I'm getting the following

On 04/26/2017 04:22 AM, Gordon Messmer wrote: > On 04/25/2017 03:25 PM, Robert Moskowitz wrote: >> This made the same content as before that caused problems: > > I still don't understand, exactly. Are you seeing *new* problems > after installing a policy? What are the problems? > >> #!!!! The file '/var/lib/mysql/mysql.sock' is mislabeled on your system.

Hi, I am new to rails and I have setup Typo on my site. One little thing bugs me, the login page doesn''t give focus to the "user_login" field. I was wondering what do I need to do to make rails help with this? I have seen some simple inline javascript to set the focus, sort of like: document.<form_name>.user_login.focus() However the rails view doesn''t

hello all. My system is centos 5.x and there is no module related auditd there is no process(daemon) related auditd and selinux definately disabled. But I can see lots of auditd messages like below. Oct 20 02:01:01 linux kernel: type=1106 audit(1224435661.064:65210): user pid=25860 uid=0 auid=0 msg='PAM: session close acct="root" : exe="/usr/sbin/crond" (hostname=?,

Hi folks, I can't seem to log into my system via vsftpd. All other services using PAM are fine...Am I missing something simple? ftp> user (username) user 331 Please specify the password. Password: 530 Login incorrect. # getenforce Permissive here is the event in /var/log/audit/audit.log: type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0

Hi. How to use session in ruby on rails ? I try to make it work for hours, but it still doesn''t work... In my controller I have this: def identification @current_user = User.new(params[:user]) ok = false redir = ''login_failed'' @remote_user = User.find(:all) @remote_user.each do |r_user| if (r_user.login == @current_user.login and

I have a login section that is part of my view from my sign_up controller. Validating my user happens through a login_controller. Now if validation is good it is ok because I have a redirect in my login_controller. But if the login is not successful I have to go back to my view from my sign_up controller. Using redirect makes no sense because my @user_login object is lost and so are

I'm trying to configure PAM authentication and I'm having some issues. I'm using RHEL 5 and included below are excerpts from my relevant configuration and log files: */var/log/maillog* Jan 19 10:55:39 flacpmail dovecot: imap-login: Aborted login: user=<test>, method=PLAIN, rip=::ffff:128.8.244.15, lip=::ffff:128.8.244.161, TLS */etc/dovecot.conf* passdb pam { args =

Hello all, There seems to be a bug in internet explorer 5 where a redirect causes the session to be lost. A controller says.... def login case @request.method when :post if @session[:user] = User.authenticate(@params [:user_login], @params[:user_password]) return redirect_to(:action=>''send_confirmation'') unless

Hi, I am using Matt McCray''s theme generator. http://rubyforge.org/projects/theme-generator/ Everything works fine, but rendering an action in a controller using the AppMailer raises this: undefined method `current_theme'' for #<AppMailer:0x39df950> Is there someone who could help me ? Thanks ! Mickael. Traces:

I was looking through the loginGenerator code and noticed the following: Login: User.authenticate(@params[:user_login], @params[:user_password]) Signup User.authenticate(@user.login, @params[:user][:password]) The syntax of the call in the signup code confused me...what exactly does @params[:user][:password] this return to me? Is the params structure a multi-dimensional array? I would have

I'm trying to use sftp from a 2.9.9p2 client, connecting to a F-Secure 2.4.0 server, but consistently get the following. debug1: authentications that can continue: hostbased,publickey,password debug1: next auth method to try is publickey debug1: try privkey: /path/acct/.ssh/id_rsa debug1: try pubkey: /path/acct/.ssh/id_dsa debug1: authentications that can continue:

Wow I'm sending my second cry for help before the first even gets a reply, I'm starting to feel like a moron because I have no idea how I caused this current hitch. Here's the story: I was trying to add an acct called "administrator" to samba which has an enabled,good linux acct. I never did get that acct working for some unknown reason, but what happened as a result of my

Sorry, but why u r using the Radius with the CDR? Not enough to access the CDR in the /var/log/asterisk/cdr-csv/Master.csv? Also, what kind of Radius u r using? Any suggested link? Regards Bilal > > Hello list. > > I'm having some problems with the CDR Radius in my > Asterisk 1.4. I'm > using two TC400B cards for transcoding. When I reach > nearly 100 >

Hi all, I've got a share called [ACCOUNTING] with the following share definition: [ACCOUNTING] path = /data/samba/shares/Accounting valid users = @acct @"Domain Admins" browseable = yes public = no read only = no force group = acct Here is the permissions on the directory: oink:/data/samba/shares # ls -ld /data/samba/shares/Accounting drwxrwxr-x 9 root acct 4096 Nov 29 09:30

Hi, I''m having a problem trying to get a login controller working. When I try and post to my login controller I get the following error: ActionController::InvalidAuthenticityToken in LoginController#login login_controller: class LoginController < ApplicationController def login case request.method when :post if @session[''user''] =

I am trying to make a barebones login system based on this example (which in turn is just standard RoR login) but when I enter a user name and password, it says the login is unsuccessful every time. I am not sure where I am going wrong. Here is all relevent information CREATE TABLE `users` ( `id` int(6) unsigned NOT NULL auto_increment, `login` varchar(20) NOT NULL default