(RADIATOR) Problem with AuthLog SYSLOG?

Mike McCauley mikem at open.com.au
Wed Aug 3 23:19:39 CDT 2005


Hello Shumon,

Thanks for your note.

Tests here with Sol 8 show that the newly patched version of AuthLog SYSLOG, 
as well as the previous version with 'LogSock inet' will both successfully 
connect and log to syslogd configured as it comes out of the box.

Cheers.


On Thursday 04 August 2005 13:25, Shumon Huque wrote:
> On Thu, Aug 04, 2005 at 11:44:03AM +1000, Mike McCauley wrote:
> > Hello Eivind,
> >
> > Thanks for reporting this.
> > It is due to the fact that on Solaris, syslog does not by default open a
> > unix domain socket, and AuthLog SYSLOG by default tries to use unix
> > domain sockets.
>
> The problem is actually slightly more complicated. Solaris doesn't
> use UNIX domain sockets at all. /dev/log and /dev/conslog are
> STREAMS devices, and furthermore, they expect to receive syslog
> priority codes  and syslog messages over the separate STREAMS
> control and data channels respectively. Perl's Sys::Syslog module
> is not capable of dealing with this.
>
> > You can fix this by setting
> > LogSock inet
> > in your AuthLog SYSLOG.
> >
> > We see that the default behaviour of AuthLog SYSLOG is probably not
> > appropriate for all platforms, so we have also now posted a patch so that
> > the syslog socket type is left as the default (tcp, udp, unix, stream,
> > console) unless LogSock is explicitly defined. This should prevent this
> > error message occurring on Soalris in the future.
>
> The downside to this approach is that it won't work for Solaris
> sites like us that, for security reasons, don't configure syslogd
> to listen on the network.
>
> In my opinion, the right solution to this problem is to get perl
> to fix their Syslog module to use the platform's native syslog
> library routines. That approach works on all platforms regardless
> of the internal implementation details of the syslog service,
> and a third party perl module that does this is actually available
> on CPAN, called Unix::Syslog.
>
> At our site, I replaced Radiator's references to Sys::Syslog
> with Unix::Syslog. Unfortunately, the function call interface
> between the two modules is not the same (the latter uses string
> constants rather the integer), so I also needed to install a
> translation table for these constants.
>
> It would be great if Radiator would consider adding an optional
> mechanism to support Unix::Syslog to deal with Solaris sites that
> don't use 514/udp.
>
> ---
> Shumon Huque				3401 Walnut Street, Suite 221A,
> Network Engineering			Philadelphia, PA 19104-6228, USA.
> Information Systems & Computing		(215)898-2477, (215)898-9348 (Fax)
> University of Pennsylvania / MAGPI.	E-mail: shuque -at- isc.upenn.edu

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list