[Testers wanted] /dev/console cleanups
Garrett Cooper
yanefbsd at gmail.com
Wed Nov 19 02:34:01 PST 2008
On Tue, Nov 18, 2008 at 1:49 PM, David Wolfskill <david at catwhisker.org> wrote:
> On Tue, Nov 18, 2008 at 10:34:10PM +0100, Ed Schouten wrote:
>> ...
>> One solution would be to let xconsole just display /var/log/messages.
>
> Errr... it may be rather a pathological case, but you might want to
> check the content of /etc/syslog.conf on the local machine before
> getting too carried away with that approach.
>
> For example, on my "firewall" box at home (where I really do not want to
> log anything to local disk files, though I do have a serial console on it):
>
> janus(6.4-P)[1] grep -v '^#' /etc/syslog.conf
> *.* @bunrab.catwhisker.org
> janus(6.4-P)[2]
>
> And then consider the fate of bunrab -- with stuff getting logged to
> /var/log/messages from various machines....
>
>> ...
>> I'll discuss this with others to decide if we should take such an
>> approach.
>
> I'm not trying to be obstructionist, here. If the above case is really
> "too pathological to consider" -- or if it's a case of me bringing that
> fate upon myself, I suppose -- that's actually something I can live
> with. It would be nice to be forwarned about it, though. :-}
>
> Peace,
> david
Uh, I second that. /var/log/messages shouldn't necessarily be
accessible by non-root users. Also, OSX 10.5 protects against non-root
access to dmesg. Not saying we should go that far, but it's already
being implemented, so I don't see any harm in hiding the contents of
`messages', as required by the sysadmin.
-Garrett
More information about the freebsd-hackers
mailing list