From: Kevin Z. <kev...@gm...> - 2017-07-21 16:11:27
On 07/21/2017 08:41, Christos Chatzaras wrote:
> The problem is that it ignores all changes in sshguard.conf and I think the only change it works is the BACKEND option.

I took a look at the rc.d script in ports. SSHGuard usually looks at sshguard.conf for a list of files to monitor, but lets you override it via the command line using -l arguments. Here, the rc.d script is *always* setting the '-l' arguments even if you don't have SSHGUARD_WATCH_LOGS set in your rc.conf.

The right thing to do might be to change the rc.d script to avoid setting '-l' arguments if the user left SSHGUARD_WATCH_LOGS empty. Or, if easing the transition isn't important, axing it in favor of the configuration file.

> Then I add back in rc.conf the lines:
>
> sshguard_watch_logs="/var/log/auth.log:/var/log/maillog:/var/log/xferlog"
> sshguard_blacklist=""
>
> and restart sshguard and running "ps -ax | grep sshguard" I get:
>
> 51567 - Is 0:00.00 /bin/sh /usr/local/sbin/sshguard -l /var/log/auth.log -l /var/log/maillog -l /var/log/xferlog -a 30 -p 120 -s 1800 -w /usr/local/etc/sshguard.whitelist -i /var/run/sshguard.pid
> 51569 - S 0:00.00 /usr/local/libexec/sshg-parser
> 51570 - S 0:00.14 /usr/local/libexec/sshg-blocker -a 30 -i /var/run/sshguard.pid -p 120 -s 1800 -w /usr/local/etc/sshguard.whitelist
> 51571 - I 0:00.00 /bin/sh /usr/local/sbin/sshguard -l /var/log/auth.log -l /var/log/maillog -l /var/log/xferlog -a 30 -p 120 -s 1800 -w /usr/local/etc/sshguard.whitelist -i /var/run/sshguard.pid
> 51572 - I 0:00.00 /bin/sh /usr/local/libexec/sshg-fw-ipfw
>
> Is it normal for sshguard process to run 2 times?

That's not sshguard running two times, but actually a subshell of the interpreter running the sshguard script. So the SSHGuard script is correctly being run once, it's just that it spawned a subshell that looks identical to the parent.

Best,
Kevin

--
Kevin Zheng
kev...@gm... | ke...@be... | PGP: 0xC22E1090
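
One way to implement the first option described in the message above (emit no '-l' arguments when the rc.conf variable is empty), as an added example that is not part of the original message and not the port's rc.d script. `build_log_flags` is a hypothetical helper name, and log paths are assumed to contain no whitespace.

```sh
#!/bin/sh
# Added illustration; NOT the FreeBSD port's rc.d script.
# build_log_flags is a hypothetical helper name.

# Turn a colon-separated list of log files into "-l <file>" arguments.
# For an empty list it prints nothing, so sshguard would be started
# without any -l and fall back to the files listed in sshguard.conf.
# The body runs in a subshell so the IFS and noglob changes stay local.
build_log_flags() (
    list=$1
    flags=""
    IFS=:
    set -f                          # no glob expansion while splitting
    for f in $list; do
        [ -n "$f" ] || continue     # skip empty fields such as "a::b"
        flags="${flags:+$flags }-l $f"
    done
    printf '%s' "$flags"
)

# rc.conf value taken from the quoted message.
sshguard_watch_logs="/var/log/auth.log:/var/log/maillog:/var/log/xferlog"
echo "set:   sshguard $(build_log_flags "$sshguard_watch_logs") ..."

# Variable left empty: no -l arguments are generated at all.
sshguard_watch_logs=""
echo "empty: sshguard $(build_log_flags "$sshguard_watch_logs") ..."
```

With this shape, checking "ps -ax | grep sshguard" after a restart shows whether any -l arguments are still being passed and therefore whether sshguard.conf is the source of the monitored files.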