Proper way to do logging (KDC) from preauth plugin?
Jeff Blaine
jblaine at kickflop.net
Thu Apr 15 15:16:28 EDT 2010
Hmm. I'm at a loss.
// src/plugins/preauth/my/my_main.c
kdc_verify_preauth(...args...) {
...vars...
// first line of func past defining vars
krb5_klog_syslog(LOG_INFO, "PREAUTH: in my module");
}
kdc% grep debug /etc/syslog.conf
*.debug /var/log/messages
kdc%
kdc% ls -ld /usr/mykrb/lib/krb5/plugins/preauth/myplugin.so
-rw-r--r-- 1 root root 35754 Apr 15 15:03
/usr/mykrb/lib/krb5/plugins/preauth/myplugin.so
kdc%
client% kinit jblaine at MYREALM.OUR.ORG
Password for jblaine at MYREALM.OUR.ORG:
client%
kdc:/var/log/krb5kdc.log:
AS_REQ (4 etypes {18 17 16 23}) xx.xx.10.113: NEEDED_PREAUTH:
jblaine at MYREALM.OUR.ORG for krbtgt/MYREALM.OUR.ORG at MYREALM.OUR.ORG,
Additional pre-authentication required
AS_REQ (4 etypes {18 17 16 23}) xx.xx.10.113: ISSUE: authtime
1271357966, etypes {rep=18 tkt=18 ses=18}, jblaine at MYREALM.OUR.ORG for
krbtgt/MYREALM.OUR.ORG at MYREALM.OUR.ORG
kdc:/var/log/messages says nothing interesting
More information about the krbdev
mailing list