Menu
▾
▴
Re: [Openvpn-users] logs entries not as openvpn user
|
From: Dan L. <da...@la...> - 2025-09-09 11:08:05
|
On Tue, Sep 9, 2025, at 1:32 AM, Gert Doering wrote: > Hi, > > On Mon, Sep 08, 2025 at 05:28:38PM -0400, Dan Langille wrote: >> >> Sep 8 18:32:02 gw01 foo[38754]: pro06.int.example.org connected with IP 10.0.0.10 > [..] >> That's the script which produces the foo entry. I see no reason for it to run as foo. > > According to "man logger", this is what is running under... > > -t tag Mark every line in the log with the specified tag rather than the > default of current login name. Use -t tag[N] to insert specific > decimal process id instead of id of logger. > > ... but it could be a double uid in /etc/passwd - so if you have set > openvpn trun as "user bar", and foo+bar share the same uid, the reverse > mapping done by logger ("what user am I running under?") might end up > showing "foo". > > I'd add a call > > logger "my id: `id -a`" > > to see what it has to say... That's interesting: Sep 9 11:06:09 gw01 foo[26475]: my id: uid=0(root) gid=0(wheel) groups=0(wheel),5(operator) OpenVPN runs as root. -- Dan Langille da...@la... |
