(RADIATOR) Problem with AuthLog SYSLOG?

Mike McCauley mikem at open.com.au
Wed Aug 3 23:24:37 CDT 2005


On Thursday 04 August 2005 14:19, Mike McCauley wrote:
> Hello Shumon,
>
> Thanks for your note.
>
> Tests here with Sol 8 show that the newly patched version of AuthLog
> SYSLOG, as well as the previous version with 'LogSock inet' will both
> successfully connect and log to syslogd configured as it comes out of the
> box.

I should have said that this was with perl 5.8.5 from sunfreeware.

Cheers.

>
> Cheers.
>
> On Thursday 04 August 2005 13:25, Shumon Huque wrote:
> > On Thu, Aug 04, 2005 at 11:44:03AM +1000, Mike McCauley wrote:
> > > Hello Eivind,
> > >
> > > Thanks for reporting this.
> > > It is due to the fact that on Solaris, syslog does not by default open
> > > a unix domain socket, and AuthLog SYSLOG by default tries to use unix
> > > domain sockets.
> >
> > The problem is actually slightly more complicated. Solaris doesn't
> > use UNIX domain sockets at all. /dev/log and /dev/conslog are
> > STREAMS devices, and furthermore, they expect to receive syslog
> > priority codes and syslog messages over the separate STREAMS
> > control and data channels respectively. Perl's Sys::Syslog module
> > is not capable of dealing with this.
> >
> > > You can fix this by setting
> > > LogSock inet
> > > in your AuthLog SYSLOG.
> > >
> > > We see that the default behaviour of AuthLog SYSLOG is probably not
> > > appropriate for all platforms, so we have also now posted a patch so
> > > that the syslog socket type is left as the default (tcp, udp, unix,
> > > stream, console) unless LogSock is explicitly defined. This should
> > > prevent this error message occurring on Solaris in the future.
> >
> > The downside to this approach is that it won't work for Solaris
> > sites like us that, for security reasons, don't configure syslogd
> > to listen on the network.
> >
> > In my opinion, the right solution to this problem is to get perl
> > to fix their Syslog module to use the platform's native syslog
> > library routines. That approach works on all platforms regardless
> > of the internal implementation details of the syslog service,
> > and a third party perl module that does this is actually available
> > on CPAN, called Unix::Syslog.
> >
> > At our site, I replaced Radiator's references to Sys::Syslog
> > with Unix::Syslog. Unfortunately, the function call interface
> > between the two modules is not the same (the latter uses string
> > constants rather than integer), so I also needed to install a
> > translation table for these constants.
> >
> > It would be great if Radiator would consider adding an optional
> > mechanism to support Unix::Syslog to deal with Solaris sites that
> > don't use 514/udp.
> >
> > ---
> > Shumon Huque				3401 Walnut Street, Suite 221A,
> > Network Engineering			Philadelphia, PA 19104-6228, USA.
> > Information Systems & Computing		(215)898-2477, (215)898-9348 (Fax)
> > University of Pennsylvania / MAGPI.	E-mail: shuque -at- isc.upenn.edu

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
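
Added example, not part of the original thread and not Radiator's code: a Perl wrapper around Unix::Syslog with the kind of translation table the thread describes, mapping syslog facility and priority names to the integer macros that Unix::Syslog exports, so messages go through the platform's native syslog(3) routines and syslogd does not need to listen on 514/udp. The function name native_syslog, the two tables and the sample message are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Unix::Syslog qw(:macros :subs);   # CPAN module wrapping the C library's syslog(3)

# Name-to-integer translation tables (hypothetical, built for this example).
my %FACILITY = (
    auth   => LOG_AUTH(),   daemon => LOG_DAEMON(), user   => LOG_USER(),
    local0 => LOG_LOCAL0(), local1 => LOG_LOCAL1(), local2 => LOG_LOCAL2(),
    local3 => LOG_LOCAL3(), local4 => LOG_LOCAL4(), local5 => LOG_LOCAL5(),
    local6 => LOG_LOCAL6(), local7 => LOG_LOCAL7(),
);
my %PRIORITY = (
    emerg   => LOG_EMERG(),   alert  => LOG_ALERT(),  crit => LOG_CRIT(),
    err     => LOG_ERR(),     notice => LOG_NOTICE(), info => LOG_INFO(),
    warning => LOG_WARNING(), debug  => LOG_DEBUG(),
);

# Log one message through the native syslog library.
# $facility and $priority are names such as 'auth' and 'info'.
sub native_syslog {
    my ($ident, $facility, $priority, $message) = @_;

    my $fac = $FACILITY{lc $facility};
    my $pri = $PRIORITY{lc $priority};
    die "unknown syslog facility '$facility'\n" unless defined $fac;
    die "unknown syslog priority '$priority'\n" unless defined $pri;

    # Authentication logs carry client-supplied user names: collapse control
    # characters so that one event always stays one log record.
    $message =~ s/[[:cntrl:]]+/ /g;

    openlog($ident, LOG_PID(), $fac);
    # Fixed '%s' format: the message is passed as data, never as a format string.
    syslog($pri, '%s', $message);
    closelog();
    return 1;
}

# Constructed sample event, not taken from a real Radiator log.
native_syslog('radiator', 'auth', 'info',
    'Access-Accept for user example-user (constructed sample)');
```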

