[3135] in Kerberos-V5-bugs
krb5-libs/772: LOG_AUTHPRIV should be supported
daemon@ATHENA.MIT.EDU (Charlie Root)
Tue Oct 12 11:55:38 1999
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, root@ca.lcs.mit.edu
Message-Id: <199910121554.LAA45772@ca.lcs.mit.edu>
Date: Tue, 12 Oct 1999 11:54:13 -0400 (EDT)
From: Charlie Root <root@ca.lcs.mit.edu>
Reply-To: root@ca.lcs.mit.edu
To: krb5-bugs@MIT.EDU
>Number: 772
>Category: krb5-libs
>Synopsis: LOG_AUTHPRIV should be supported
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Tue Oct 12 11:55:00 EDT 1999
>Last-Modified:
>Originator: Garrett A. Wollman
>Organization:
MIT Laboratory for Computer Science
>Release: krb5-1.1
>Environment:
System: FreeBSD ca.lcs.mit.edu 4.0-CURRENT FreeBSD 4.0-CURRENT #4: Wed Jul 14 16:57:46 EDT 1999 root@ca.lcs.mit.edu:/usr/src/sys/compile/CA i386
>Description:
4.4BSD syslogs have a facility LOG_AUTHPRIV, for LOG_AUTH-style
data which should be kept private. So far as I can tell, whatever
parses the [logging] section of krb5.conf doesn't know about this,
and parses SYSLOG:...:AUTHPRIV as if it were ...:AUTH.
>How-To-Repeat:
Specify `default = SYSLOG:INFO:AUTHPRIV' in /etc/krb5.conf and notice
that the syslog messages appear in facility AUTH.
>Fix:
Recognize the AUTHPRIV token iff LOG_AUTHPRIV is defined and
do the right thing.
>Audit-Trail:
>Unformatted:
