June 2003
Intermediate to advanced
336 pages
8h 54m
English
Content preview from Linux Security CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
3.18. Logging Access to Your Services
Problem
You want to know who is accessing your services via xinetd .
Solution
Enable logging in the service’s configuration file:
/etc/xinetd.conf or /etc/xinetd.d/myservice:
service myservice
{
...
log_type = SYSLOG facility
level
log_on_success = DURATION EXIT HOST PID USERID
log_on_failure = ATTEMPT HOST USERID
}
xinetd logs to
syslog by default. To
log to a file instead, modify the
preceding log_type line to read:
log_type = FILE filenameDiscussion
xinetd can record diagnostic messages via
syslog or directly to a file. To use
syslog, choose a facility
(daemon, local0, etc.) and
optionally a log level (crit,
warning, etc.), where the default is
info.
log_type = SYSLOG daemon facility = daemon, level = info log_type = SYSLOG daemon warning facility = daemon, level = warning
To log to a file, simply specify a filename:
log_type = FILE /var/log/myservice.log
Optionally you may set hard and soft limits on the size of the log file: see xinetd.conf(5).
Log messages can be generated when services successfully start and
terminate (via log_on_success) or when they fail
or reject connections (via log_on_failure).
If logging doesn’t work for you, the most likely culprit is an incorrect setup in /etc/syslog.conf . It’s easy to make a subtle configuration error and misroute your log messages. Run our syslog testing script to see where your messages are going. [Recipe 9.28]
See Also
xinetd.conf(5), syslog.conf(5), inetd.conf(5).