headers
Mark Tso | 11 Aug 2010 06:01
Picon

TACACS PAM Accounting Question

Hi

I have a tacacs PAM module (pam_tacplus), which works like a charm on
Centos 5.5.

The user performing ssh to the Centos server is getting authenticated
and authorized via TACACS PAM.

The pam_tacplus has an accounting option, which is sending a start of
the service shell and end of the service shell to the ACS for
accounting.

I want to send all the commands typed by the user on the Linux server
to TACACS+ accounting.

What's the best way to achieve this? I have process accounting turned
ON on the Centos server.

Can I parse the output of lastcomm and upload that to the TACACS+
server periodically?
Is there a wrapper to the login process to intercept the commands
which the user types and send it to TACACS+ Accounting before actually
executing them on the Centos server?

$ lastcomm
lastcomm               mark     stderr     0.01 secs Tue Aug 10 23:54
man              S     mark     stderr     0.03 secs Tue Aug 10 23:54
pager                  mark     stderr     0.00 secs Tue Aug 10 23:54
gzip                   mark     stderr     0.00 secs Tue Aug 10 23:54
nroff                  mark     stderr     0.00 secs Tue Aug 10 23:54
(Continue reading)

Permalink | Reply | 0 comments |
headers
Craig Small | 17 Aug 2010 00:46
Picon
Gravatar

Re: virtual appliance

On Tue, Aug 10, 2010 at 12:15:56PM -0400, Leopold Giterson wrote:
> Has anyone considered making a virtual appliance for jffnms. ?
You mean like a VMDK you can load up into vmware or an actual appliance?

Trango used to make an actual appliance but I don't think they make them
anymore.  A VMDK is an interesting idea.  I have vmware on my computer
but it's decided to stuff up yet again (503 error on the console - sadly
quite common) so its a while off for me.

 - Craig

--

-- 
Craig Small      GnuPG:1C1B D893 1418 2AF4 45EE  95CB C76C E5AC 12CA DFA5
http://www.enc.com.au/                             csmall at : enc.com.au
http://www.debian.org/          Debian GNU/Linux, software should be Free 

------------------------------------------------------------------------------
This SF.net email is sponsored by 

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev
Permalink | Reply | 9 comments |
headers
Craig Small | 17 Aug 2010 01:06
Picon
Gravatar

Windows support will remain

Hello,
  There were some emails a while ago regarding windows support.  I have
had a look at the code and it is likely for the forseeable future it
will remain in PHP, not C. This is mainly around the plugins part
because expanding those would be tricky.

I'm also working a lot on the poller because it is the thing that the
larger sites hammer the most.  Unfortunately while the Unixes have a
lovely wealth of process controls like real threading, Windows does not.
I've chosen to keep with the process forks not threads (just like
poller2 does) so the program still works on Windows.  Hopefully one day
the thread support arrives for php in windows.

You might not realise it, but the poller is actually 2 programs in one.
There is a master program that then forks and runs the child programs.
poller2 had the code for both in one file, this is now split out and
been cleaned up a lot.

If you want to see the new pollers they are in the git repository.  The 
current state of the repository means you probably cannot run everything
yet. The new master is poller3.php while the child is poller_child.php

The gitview is at
http://jffnms.git.sourceforge.net/git/gitweb.cgi?p=jffnms/code;a=tree;f=engine
--

-- 
Craig Small      GnuPG:1C1B D893 1418 2AF4 45EE  95CB C76C E5AC 12CA DFA5
http://www.enc.com.au/                             csmall at : enc.com.au
http://www.debian.org/          Debian GNU/Linux, software should be Free 

------------------------------------------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
info | 17 Aug 2010 03:00

Re: virtual appliance

Has anyone considered making a virtual appliance for jffnms. ?
You mean like a VMDK you can load up into vmware or an actual appliance?
Trango used to make an actual appliance but I don't think they make them anymore. A VMDK is an interesting idea. I have vmware on my computer but it's decided to stuff up yet again (503 error on the console - sadly quite common) so its a while off for me.
===========
 
I was referring a a appliance for vmware.
I am just only now starting with vmware.
I am using jffnms on a windows system, but obviously I can not use all the feautures. I am looking to do it in linux.
Since I am looking to provide solutions to clients, I started to look into vmware to provide 1 box that has the services I need to provide to them.
Over the years I have seen a lot of questions regarding installations issues, and the installation could be streamlined via a vmware appliance nowadays , maybe could have been done even via some imaging solutions in the past (thinking out loud).
 
Leopold Giterson
------------------------------------------------------------------------------
This SF.net email is sponsored by 

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev 
_______________________________________________
jffnms-users mailing list
jffnms-users@...
https://lists.sourceforge.net/lists/listinfo/jffnms-users
Permalink | Reply | 7 comments |
headers
LIMA David | 17 Aug 2010 10:04

RE : virtual appliance


Great news, I build lots of JFFNMS on vmware, you can start with a minimal install of Ubuntu (based on Debian) ==> JEOS with kernel optimisation and minimum footprint (I think that there is no more JEOS version of Ubuntu, start from Ubuntu server edition. Then just add the vmware tools, and install JFFNMS (apt-get), everything should work out of the Box.

David LIMA
Consultant Infrastructure
www.scc.com



-------- Message d'origine--------
De: info-9Er9kWJ9TY+35wUkaLeaMEEOCMrvLtNR@public.gmane.org [mailto:info-9Er9kWJ9TY+35wUkaLeaMEEOCMrvLtNR@public.gmane.org]
Date: mar. 17/08/2010 03:00
À: jffnms-users-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Objet : Re: [jffnms-users] virtual appliance

Has anyone considered making a virtual appliance for jffnms. ?
You mean like a VMDK you can load up into vmware or an actual appliance?

Trango used to make an actual appliance but I don't think they make them anymore. A VMDK is an interesting idea. I have vmware on my computer but it's decided to stuff up yet again (503 error on the console - sadly quite common) so its a while off for me.
===========

I was referring a a appliance for vmware.
I am just only now starting with vmware.
I am using jffnms on a windows system, but obviously I can not use all the feautures. I am looking to do it in linux.
Since I am looking to provide solutions to clients, I started to look into vmware to provide 1 box that has the services I need to provide to them.
Over the years I have seen a lot of questions regarding installations issues, and the installation could be streamlined via a vmware appliance nowadays , maybe could have been done even via some imaging solutions in the past (thinking out loud).

Leopold Giterson



______________________________________________________________________
Ce message contient des informations dont le contenu est susceptible d'etre confidentiel.
Il est destine au(x) destinataire(s) indique(s) exclusivement.

A moins que vous ne fassiez partie de la liste des destinataires, ou que vous soyez habilite a recevoir le mail a leur place, il vous est interdit de le copier, de l'utiliser ou de devoiler son contenu a un tiers.

Si vous avez recu cet email par erreur, merci de prendre contact avec l'emetteur.

Les opinions exprimees dans cet e-mail sont celles de l'emetteur et ne refletent pas necessairement celles de l'entreprise.

Ce e-mail peut contenir des pieces jointes dont certaines pourraient contenir des virus qui pourraient endommager votre systeme informatique.

La compagnie a pris toutes dispositions afin de minimiser ce risque et decline toute responsabilite pour toute perte ou dommage resultant directement ou indirectement de l'utilisation de cet email ou de son contenu.

Il vous appartient d'effectuer vos propres controles anti-virus avant d'ouvrir la ou les pieces jointes.
______________________________________________________________________
------------------------------------------------------------------------------
This SF.net email is sponsored by 

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev 
_______________________________________________
jffnms-users mailing list
jffnms-users@...
https://lists.sourceforge.net/lists/listinfo/jffnms-users
Permalink | Reply | 1 comment |
headers
Craig Small | 17 Aug 2010 14:44
Picon
Gravatar

Re: RE : virtual appliance

On Tue, Aug 17, 2010 at 10:04:45AM +0200, LIMA David wrote:
>    Great news, I build lots of JFFNMS on vmware, you can start with a minimal
>    install of Ubuntu (based on Debian) ==> JEOS with kernel optimisation and
>    minimum footprint (I think that there is no more JEOS version of Ubuntu,
>    start from Ubuntu server edition. Then just add the vmware tools, and
>    install JFFNMS (apt-get), everything should work out of the Box.
I wouldn't think it would be that difficult to do, if you had a working
vmware setup.  It's really a LAMP (Linux,Apache,Mysql,PHP) setup with a
couple of little extras.

Thanks for the confirmation though.

 - Craig
--

-- 
Craig Small      GnuPG:1C1B D893 1418 2AF4 45EE  95CB C76C E5AC 12CA DFA5
http://www.enc.com.au/                             csmall at : enc.com.au
http://www.debian.org/          Debian GNU/Linux, software should be Free 

------------------------------------------------------------------------------
This SF.net email is sponsored by 

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev
Permalink | Reply | 0 comments |
headers
info | 23 Aug 2010 23:04

Re: RE :_virtual_appliance

Then the question becomes if someone does someone has jffnms available as a vmware virtual appliance so others can use/install it.

Leopold Giterson
 
 
-------- Original Message --------
Subject: Re: [jffnms-users] RE :_virtual_appliance
From: Craig Small <csmall-uDC8m6n2UkUQrrorzV6ljw@public.gmane.org>
Date: Tue, August 17, 2010 8:44 am
To: jffnms-users-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org

On Tue, Aug 17, 2010 at 10:04:45AM +0200, LIMA David wrote:
> Great news, I build lots of JFFNMS on vmware, you can start with a minimal
> install of Ubuntu (based on Debian) ==> JEOS with kernel optimisation and
> minimum footprint (I think that there is no more JEOS version of Ubuntu,
> start from Ubuntu server edition. Then just add the vmware tools, and
> install JFFNMS (apt-get), everything should work out of the Box.
I wouldn't think it would be that difficult to do, if you had a working
vmware setup. It's really a LAMP (Linux,Apache,Mysql,PHP) setup with a
couple of little extras.

Thanks for the confirmation though.

- Craig
--
Craig Small GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA5
http://www.enc.com.au/ csmall at : enc.com.au
http://www.debian.org/ Debian GNU/Linux, software should be Free

------------------------------------------------------------------------------
This SF.net email is sponsored by

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev
_______________________________________________
jffnms-users mailing list
jffnms-users-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/jffnms-users
------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users 
worldwide. Take advantage of special opportunities to increase revenue and 
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________
jffnms-users mailing list
jffnms-users@...
https://lists.sourceforge.net/lists/listinfo/jffnms-users
Permalink | Reply | 0 comments |
headers
Craig Small | 24 Aug 2010 14:56
Picon
Gravatar

Re: virtual appliance

On Mon, Aug 16, 2010 at 06:00:07PM -0700, info@... wrote:
>    Since I am looking to provide solutions to clients, I started to look into
>    vmware to provide 1 box that has the services I need to provide to them.
>    Over the years I have seen a lot of questions regarding installations
>    issues, and the installation could be streamlined via a vmware appliance
>    nowadays , maybe could have been done even via some imaging solutions in
>    the past (thinking out loud)
I actually did get my vmware to work now.  It seems the java in the
tomcat management server doesn't like having an IPv6 setup and so just
goes away sulks and crashes.

I think creating a vmdk would be a neat idea and at least give some
people an easy start to it all.

 - Craig
--

-- 
Craig Small      GnuPG:1C1B D893 1418 2AF4 45EE  95CB C76C E5AC 12CA DFA5
http://www.enc.com.au/                             csmall at : enc.com.au
http://www.debian.org/          Debian GNU/Linux, software should be Free 

------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users 
worldwide. Take advantage of special opportunities to increase revenue and 
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
Permalink | Reply | 4 comments |
headers
Eric Wheeler | 24 Aug 2010 18:50

Re: virtual appliance

On Tue, 2010-08-24 at 22:56 +1000, Craig Small wrote:
> On Mon, Aug 16, 2010 at 06:00:07PM -0700, info@... wrote:
> >    Since I am looking to provide solutions to clients, I started to look into
> >    vmware to provide 1 box that has the services I need to provide to them.
> >    Over the years I have seen a lot of questions regarding installations
> >    issues, and the installation could be streamlined via a vmware appliance
> >    nowadays , maybe could have been done even via some imaging solutions in
> >    the past (thinking out loud)
> I actually did get my vmware to work now.  It seems the java in the
> tomcat management server doesn't like having an IPv6 setup and so just
> goes away sulks and crashes.
> 
> I think creating a vmdk would be a neat idea and at least give some
> people an easy start to it all.

What do you guys think about a .qcow2 to run under Qemu/KVM?  This would
keep the image open-source.

-Eric

> 
>  - Craig

------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users 
worldwide. Take advantage of special opportunities to increase revenue and 
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
Permalink | Reply | 3 comments |
headers
Ed Humes | 25 Aug 2010 15:13

Re: virtual appliance

> What do you guys think about a .qcow2 to run under Qemu/KVM?  This
would
> keep the image open-source.

Well, you asked for opinions right?

Any provider other than VMWare is nothing more than a niche player at
this point, including M$.

That and the fact that ESXi is free makes a vmdk solution the clear
choice to me.

------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users 
worldwide. Take advantage of special opportunities to increase revenue and 
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
Permalink | Reply | 2 comments |

Gmane