堆栈内存溢出
  简体   繁体   English

如何禁用写入/ var / log / lastlog

[英]how to disable writing to /var/log/lastlog

 原文  2014-03-05 00:40:25       linux/ login-control

问题描述

how do i disable writing to /var/log/lastlog file. 我如何禁用写入/ var / log / lastlog文件。 In our system we had to use a vfat file system for /var/log and since it doesn't support sparse files, our lastlog file gets real huge. 在我们的系统中,我们必须对/ var / log使用vfat文件系统,由于它不支持稀疏文件,因此我们的lastlog文件变得非常庞大。 I'm tried 'session required pam_lastlog.so noupdate' as last rule in /etc/pam.d/login but it doesn't seem to be working. 我在/etc/pam.d/login中尝试了“会话所需的pam_lastlog.so noupdate”作为最后一条规则,但它似乎没有用。

having 'LASTLOG_ENAB no' in /etc/login.defs isn't also working. 在/etc/login.defs中使用'LASTLOG_ENAB no'也不起作用。

Appreciate any help. 感谢任何帮助。 Don't get any hits for this on web. 在网络上没有任何点击。

1 个解决方案

解决方案1
 1  2014-06-30 18:34:09

First, the answer: There are a number of ways to do it. 首先,答案是:有很多方法可以做到这一点。

  1. Make the file immutable with chattr. 使用chattr使文件不可变。 Zero it's size first. 首先将其大小为零。 Now nobody is allowed to write to it. 现在没有人可以写它。
  2. ln -s it to /dev/null. ln -s到/ dev / null。 Writes will still be allowed, but they go off into never-never land. 仍然可以写信,但它们会进入从未有过的土地。
  3. Delete it and create a directory with the same name. 删除它并创建一个具有相同名称的目录。
  4. Delete it and see if your version of the logging system will recreate it, several of them won't. 删除它,看看您的日志系统版本是否会重新创建它,其中的几个不会。

Obligatory warnings: 强制性警告:
1) Removing lastlog disrupts the audit-trail on your system and may cause various security tools to fail to function properly, or at all. 1)删除lastlog会破坏系统上的审核线索,并可能导致各种安全工具无法正常运行或根本无法正常运行。

2) vfat does not support sparse files... It also does not support journaling or individual file ownership. 2)vfat不支持稀疏文件...它也不支持日志或个人文件所有权。 By putting /var/log on vfat you are making it much, much easier for crackers (or even power failures) to potentially alter, damage, or destroy your logfiles. 通过将/ var / log放在vfat上,可以使破解者(甚至断电)更容易地潜在地更改,破坏或破坏日志文件。 There are lots of better filesystems out there, you should probably find one. 有很多更好的文件系统,您可能应该找到一个。 But that would be a separate question. 但这将是一个单独的问题。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用rsyslogd登录到/var/log/mail.log? - How to log to /var/log/mail.log using rsyslogd? 如何在/ var / log / messages,/ var / log / secure等中更改/自定义日志格式 - How to change/customize log formats in /var/log/messages ,/var/log/secure etc 如何解决在Linux上空的/ var / log / secure / var / log / messages等问题 - How to troubleshoot empty /var/log/secure /var/log/messages etc log on linux /var/log/daemon.log 占用更多空间如何减少它? - /var/log/daemon.log taking more space how to reduce it? 如何禁用 lighttpd 访问日志? - How to disable lighttpd access log? 解析lastlog的输出? - Parse output of lastlog? 如何停止写入BASH中的日志文件? - How to stop writing to log file in BASH? 如何将os.system('cat / var / log / dmesg')复制到变量 - how to copy os.system('cat /var/log/dmesg') to a variable 如何使用 NLog 在 Linux 上的 var/log/my-app-dir 中添加日志文件和文件夹 - How to add log files and folder in var/log/my-app-dir on Linux with NLog 如何在 /var/log/dpkg.log 中搜索每月安装/升级日志和 output 到文本文件 - How to search /var/log/dpkg.log for monthly intall/upgrade logs and output to text file
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM