github-personal/sysadm
1
0
Fork 0
mirror of https://github.com/outbackdingo/sysadm.git synced 2026-01-27 10:20:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup a lot of the logging in the sysadm server. Now the hostinfo log file will clearly list connection time/IP, auth attempts/IP, Dispatches/IP, disconnections/IP. The dispatcher and events systems also properly log activity within their individual log files.

Browse Source
This commit is contained in:
Ken Moore
2016-02-02 13:46:23 -05:00
parent 3c991ebf4c
commit 8166ef8a79
10 changed files with 48 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/server/AuthorizationManager.cpp
View File

@@ -98,7 +98,7 @@ QString AuthorizationManager::LoginUP(QHostAddress host, QString user, QString p
}
qDebug() << "User Login Attempt:" << user << " Success:" << ok << " IP:" << host.toString();
LogManager::log(LogManager::HOST, QString("User Login Attempt:")+ user + " Success:" + (ok?"true":"false") + " IP:" + host.toString() );
LogManager::log(LogManager::HOST, QString("User Login Attempt: ")+user+" Success: "+(ok?"true":"false")+" IP: "+host.toString() );
if(!ok){
//invalid login
//Bump the fail count for this host
@@ -114,18 +114,29 @@ QString AuthorizationManager::LoginUP(QHostAddress host, QString user, QString p
QString AuthorizationManager::LoginService(QHostAddress host, QString service){
bool localhost = ( (host== QHostAddress::LocalHost) || (host== QHostAddress::LocalHostIPv6) );
//Login a particular automated service
qDebug() << "Service Login Attempt:" << service << " Success:" << localhost;
if(!localhost){ return ""; } //invalid - services must be local for access
//Check that the service is valid on the system
bool isok = false;
if(service!="root" && service!="toor"){
if(service!="root" && service!="toor" && localhost){
QStringList groups = getUserGroups(service);
isok = (groups.contains(service) && !groups.contains("wheel") && !groups.contains("operator"));
}
//Now generate a new token and send it back
if(!isok){ return ""; }
else{ return generateNewToken(false); }//services are never given operator privileges
if(!isok){
//invalid login
if(!localhost){
//Bump the fail count for this host
bool overlimit = BumpFailCount(host.toString());
if(overlimit){ emit BlockHost(host); }
return (overlimit ? "REFUSED" : "");
}else{
return "";
}
}else{ return generateNewToken(false); }//services are never given operator privileges
}
// =========================