phk at phk.freebsd.dk
Fri Apr 20 05:42:34 UTC 2007
In message <4627DD51.9020003 at aueb.gr>, Diomidis Spinellis writes:
>Poul-Henning Kamp wrote:
>> In message <20070419212253.L2913 at fledge.watson.org>, Robert Watson writes:
>>>> __dev_t ac_tty; /* controlling tty */
>> This field is useless, nobody uses hardwired RS-232 terminals
>> What we should do is add a systemcall or sysctl, so session creators
>> like getty, sshd and similar can install a session indentifying string
>> on the session, and then dump that in the accounting.
>> sshd would log IP+port and possibly also credential used for auth.
>Isn't this purpose mostly served by joining the accounting record with
>wtmp on the ll_line field to obtain the IP address from the ll_host field?
The IP number alone is not a "session identifier", you want the ID
of the credential that gave access as well.
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the freebsd-arch