Re: logcheck

To: debian-isp <debian-isp@lists.debian.org>
Subject: Re: logcheck
From: Gerard MacNeil <macneil@supercity.ns.ca>
Date: Thu, 21 Sep 2000 19:18:10 -0300
Message-id: <[🔎] 00092119181000.32525@g.macns.ns.ca>
In-reply-to: <[🔎] Pine.LNX.4.21.0009211807510.1482-100000@ghost.net.cfw.com>
References: <[🔎] Pine.LNX.4.21.0009211807510.1482-100000@ghost.net.cfw.com>

On Thu, 21 Sep 2000, debian-isp@ghost.net.cfw.com wrote:
> Hey Russel and Group,
> Thanks for the continuing discussion.
>
> > Nobody suing to root is not non-threatening!  Ideally you would have a
> > group wheel or root required for su to root to prevent this.  Currently I
> > haven't as I haven't got the PAM setup for it going yet.
>
> PAM is acronym for 'password authentication mode' ?
> I know that BSD uses a wheel group that needs to be enacted before a su
> can happen. What means are you considering doing this?

PAM has support for it using pam_wheel.so

>
> Also, would something be running from cron that does this every morning at
> 6:23 AM? 

As user nobody su'ing to root,  it sounds like cron bulding the slocate 
database.

> Anyone know how I can investigate furthur?

Look in /etc/crontab, /etc/cron.daily, /etc/cron.d



-- 
---------------------------------------------------------------------------
Gerard MacNeil, P. Eng                          macneil@supercity.ns.ca
System Administrator
Supercity Internet Services                     http://www.supercity.ns.ca

Reply to:

References:
- Re: logcheck
  - From: <debian-isp@ghost.net.cfw.com>

Prev by Date: Re: logcheck
Next by Date: Re: logcheck
Previous by thread: Re: logcheck
Next by thread: Re: logcheck
Index(es):
- Date
- Thread