
Ticket 48145 - Allow merged logging of audit events

Bug Description:  The auditfail logging should be able to be directed to the
same audit file, or to its own separate file.

Fix Description:  When nsslapd-auditfaillog is not specified the value of
nsslapd-auditlog will be used for audit and auditfail events. If auditfaillog
is specified, all results with RC != LDAP_SUCCESS (0) will go to the auditfail
handler.

https://fedorahosted.org/389/ticket/48145

Author: wibrown

Review by: mreynolds (Thanks!)
William Brown 10 ani în urmă
părinte
comite
b408ffcd5f
2 a modificat fișierele cu 10 adăugiri și 8 ștergeri
  1. 2 5
      ldap/ldif/template-dse.ldif.in
  2. 8 3
      ldap/servers/slapd/auditlog.c

+ 2 - 5
ldap/ldif/template-dse.ldif.in

@@ -52,11 +52,8 @@ nsslapd-auditlog-mode: 600
 nsslapd-auditlog-maxlogsize: 100
 nsslapd-auditlog-logrotationtime: 1
 nsslapd-auditlog-logrotationtimeunit: day
-nsslapd-auditfaillog: %log_dir%/auditfail
-nsslapd-auditfaillog-mode: 600
-nsslapd-auditfaillog-maxlogsize: 100
-nsslapd-auditfaillog-logrotationtime: 1
-nsslapd-auditfaillog-logrotationtimeunit: day
+nsslapd-auditlog-logging-enabled: off
+nsslapd-auditfaillog-logging-enabled: off
 nsslapd-rootdn: %rootdn%
 nsslapd-rootpw: %ds_passwd%
 nsslapd-maxdescriptors: 1024
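Review bot: Removing `nsslapd-auditfaillog-mode: 600` along with the path means a separate auditfail log configured later gets whatever file mode the server defaults to, which this hunk does not show. Audit records presumably include the attempted change data, so that default should be confirmed to be as restrictive as the `nsslapd-auditlog-mode: 600` shown in the hunk header. Otherwise keep the mode line and drop only the `nsslapd-auditfaillog:` path. A template comment such as `# auditfail events are written to nsslapd-auditlog unless nsslapd-auditfaillog is set` would also make the merged default visible to administrators.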

+ 8 - 3
ldap/servers/slapd/auditlog.c

@@ -78,7 +78,7 @@ write_audit_log_entry( Slapi_PBlock *pb )
     curtime = current_time();
     /* log the raw, unnormalized DN */
     dn = slapi_sdn_get_udn(sdn);
-    write_audit_file(SLAPD_AUDIT_LOG, operation_get_type(op), dn, change, flag, curtime, 0);
+    write_audit_file(SLAPD_AUDIT_LOG, operation_get_type(op), dn, change, flag, curtime, LDAP_SUCCESS);
 }
 
 void
@@ -129,8 +129,13 @@ write_auditfail_log_entry( Slapi_PBlock *pb )
     curtime = current_time();
     /* log the raw, unnormalized DN */
     dn = slapi_sdn_get_udn(sdn);
-    /* If we are combined */
-    write_audit_file(SLAPD_AUDITFAIL_LOG, operation_get_type(op), dn, change, flag, curtime, pbrc);
+    if (config_get_auditfaillog() == NULL || strlen(config_get_auditfaillog()) == 0) {
+        /* If no auditfail log write to audit log */
+        write_audit_file(SLAPD_AUDIT_LOG, operation_get_type(op), dn, change, flag, curtime, pbrc);
+    } else {
+        /* If we have our own auditfail log path */
+        write_audit_file(SLAPD_AUDITFAIL_LOG, operation_get_type(op), dn, change, flag, curtime, pbrc);
+    }
 }
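Review bot: In write_auditfail_log_entry the new condition calls `config_get_auditfaillog()` twice and never keeps the result. If that getter returns an allocated copy, as the string config getters in this tree appear to (its definition is not visible here), both copies leak on every failed operation, so any client that can cause failed operations can grow server memory. The two calls can also see different values if the configuration changes between them, which would let `strlen()` receive NULL. Fetch the value once with `char *path = config_get_auditfaillog();`, test `if (path == NULL || *path == '\0') {`, and release it after the branch with `slapi_ch_free_string(&path);` if the caller owns it. The function body starts outside this hunk, so the declaration belongs with the other locals there.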