[Samba] Audit Trail/Logging For Network Logons and Logoffs

Andrew Bartlett abartlet at samba.org
Fri Mar 4 23:00:30 GMT 2005

On Thu, 2005-03-03 at 12:18 -0700, Lars Rasmussen wrote:
> On Thu, 03 Mar 2005 09:56:21 +1100, Andrew Bartlett <abartlet at samba.org> wrote:
> > I just hope you don't try and use the logs for anything important, given
> > you have to make them world writable....
> This is a problem.  Besides making the share hidden, I've tried to
> hack some permissions and used force user= .  

> This seems sloppy, but prevents users from viewing the share while
> allowing them to write to it.  What should I do differently in this
> scenario?

Use the system login records (such as utmp), write a pam module (hooking
into 'obey pam restrictions = yes' and the session modules), or
something similar.  You just can't do this with a system that requires
the *user* to write the records.

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050305/471c95c7/attachment.bin

More information about the samba mailing list