On 26/Jul/07, at 09:19, Michael Stilkerich wrote:
> Hi,
>
> I am using sshguard on OpenBSD 4.1 with pf. It does not work
> using the setup from the documentation, because syslogd is
> not running as root but _syslogd on OpenBSD, which results
> in sshguard being executed as _syslogd lacking the privileges
> required to add new addresses to the sshguard table. I solved
> the problem by allowing _syslogd to execute sshguard as root
> through sudo and adjusted the syslog.conf appropriately.
I'll point this out, thank you.
> Maybe
> you should point this out in the documentation, since the log
> just says
> sshguard[28812]: Blocking command failed. Exited: -1
> sshguard[28812]: Release command failed. Exited: -1
> which isn't particularly helpful.
To solve this, it could be useful to check on startup whether sshguard
is running as superuser. This makes sense in most cases, but in the
general idea of pluggable backends some may not require such a
constraint and thus want to run it with lower privileges.
I will consider putting such a constraint in the individual firewall
initialization routines to provide feedback on this. Those that need
it give up while initializing.
> Also, you may want to consider calling pfctl with -q since
> otherwise it operates pretty verbosely. I don't know if these
> messages appear in some log, otherwise it doesn't really
> matter.
Yes, syslogd runs processes with standard out and err moved to /dev/null.
bye
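
A sketch of the per-backend privilege check discussed in this message, as an added example that is not part of the original mail and is not sshguard's own code. The struct, the function `fw_backend_init`, the return codes and the two sample backends are hypothetical names chosen for illustration; the diagnostic goes to syslog because, as noted above, stdout and stderr are moved to /dev/null.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <syslog.h>
#include <unistd.h>

#define FW_OK   0
#define FW_ERR -1

/* Hypothetical backend descriptor (assumption, not sshguard's interface). */
struct fw_backend {
    const char *name;
    int needs_root;   /* 1 if the blocking command requires superuser */
};

/* Constructed samples: pf must change a kernel table; "file" stands for
 * any backend assumed to work with resources the invoking user owns. */
static const struct fw_backend BACKEND_PF   = { "pf",   1 };
static const struct fw_backend BACKEND_FILE = { "file", 0 };

/*
 * Check made in the backend's own initialization routine. The effective
 * uid is a parameter so the logic can be exercised without being root;
 * real callers pass geteuid(). A diagnostic is written into msg.
 */
int fw_backend_init(const struct fw_backend *b, uid_t euid,
                    char *msg, size_t msglen)
{
    if (b->needs_root && euid != 0) {
        snprintf(msg, msglen,
                 "%s backend needs superuser privileges to block "
                 "addresses, but runs as uid %lu; giving up",
                 b->name, (unsigned long)euid);
        return FW_ERR;
    }
    snprintf(msg, msglen, "%s backend initialized as uid %lu",
             b->name, (unsigned long)euid);
    return FW_OK;
}

int main(void)
{
    char msg[160];
    int rc = fw_backend_init(&BACKEND_PF, geteuid(), msg, sizeof msg);

    /* Report through syslog: under syslogd, stderr would be discarded. */
    openlog("sshguard", LOG_PID, LOG_AUTH);
    syslog(rc == FW_OK ? LOG_INFO : LOG_ERR, "%s", msg);
    closelog();
    return rc == FW_OK ? 0 : 1;
}
```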