[Samba] Audit Trail/Logging For Network Logons and Logoffs
Andrew Bartlett
abartlet at samba.org
Fri Mar 4 23:00:30 GMT 2005
On Thu, 2005-03-03 at 12:18 -0700, Lars Rasmussen wrote:
> On Thu, 03 Mar 2005 09:56:21 +1100, Andrew Bartlett <abartlet at samba.org> wrote:
> > I just hope you don't try and use the logs for anything important, given
> > you have to make them world writable....
>
> This is a problem. Besides making the share hidden, I've tried to
> hack some permissions and used force user= .
> This seems sloppy, but prevents users from viewing the share while
> allowing them to write to it. What should I do differently in this
> scenario?
Use the system login records (such as utmp), write a pam module (hooking
into 'obey pam restrictions = yes' and the session modules), or
something similar. You just can't do this with a system that requires
the *user* to write the records.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050305/471c95c7/attachment.bin
More information about the samba
mailing list