how to track webadmin login failures?

Gunnar Wrobel wrobel at pardus.de
Fri Dec 14 08:46:49 CET 2007


Adam Katz <kolab at khopis.com> writes:

>> kolab-webadmin in its current state does write no log file. This will
>> probably change in the future.
>
> I did a quick-and-dirty implementation of logging (warning, I don't know
> PHP) on my server running Debian Etch's (non-OpenPKG) APT packages for
> kolab-webadmin (0.4.0-20060810) and kolabd (1.9.4-20060707).  The diff for
> auth.class.php is attached.

Thanks for the contribution!

> Note that the PHP code is called by a non-privileged user (www-data on my
> Debian box) and therefore the log file needs to be owned by that user.  I
> also didn't go to the effort of a configurable option to define where the
> log file is.  I'm happy the alteration affected only one file, as it would
> otherwise be hard to maintain once Debian's team updates kolab-webadmin.
>
> The log file format was inspired by how the logs from apache look; I'm not
> married to any of it, and all that I really care about are the presence of
> the error message and the IP address.
>
> I'm not on the developers list, but I'm sure this will get forwarded there
> if that's desirable.
>
>
> I personally think that this sort of log is necessary for security
> purposes (think "audit trail"), so if logging gets implemented in a
> back-port-able manner, it should probably find its way into the official
> Debian packages (perhaps in volatile instead of Etch-updates).

Yes, you are certainly right that something like this should be
provided by kolab-webadmin. We also had other people requesting
logging from kolab-webadmin.

Currently kolab-webadmin has quite a few problems though and a
restructuring is currently pending. I already invested some time into
it and hope to be able to finish that soon. During that restructuring
I'll also add the logging.

Cheers,

Gunnar

-- 
______ http://kdab.com _______________ http://kolab-konsortium.com _

p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium

____ http://www.pardus.de _________________ http://gunnarwrobel.de _
E-mail : p at rdus.de                                 Dr. Gunnar Wrobel
Tel.   : +49 700 6245 0000                          Bundesstrasse 29
Fax    : +49 721 1513 52322                          D-20146 Hamburg
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   >> Mail at ease - Rent a kolab groupware server at p at rdus <<                 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




More information about the users mailing list