Do+Able Products 12347 Uživatelský manuál Strana 20

  • Stažení
  • Přidat do mých příruček
  • Tisk
  • Strana
    / 57
  • Tabulka s obsahem
  • KNIHY
  • Hodnocené. / 5. Na základě hodnocení zákazníků
Zobrazit stránku 19
Hardware Management Console Best Practices
- 20 -
lssvcevents -t console
Earliest Timestamp Description
10/16/03 07:27:51 PM HSCE2175 User hscroot login failed
from remote host abcd.xyz.com with IP address
9.99.999.9999
Standard log entries that come from syslogd can be also be viewed on the HMC
by viewing the file /var/hsc/log/secure. This file can be read by users with System
Administrator role. It is under logrotate control. A valid user can simply use the
cat or tail command to view the file. A user with the System Administrator role
could also use the scp command to securely copy the file to another system.
For customers who wish to copy syslogd entries to a remote system, the chhmc
command can be used to change /etc/syslog.conf file on the HMC to specify a
system to which to copy. For example, the following command line will cause
syslog entries to be sent to the hostname myremotesys.company.com:
chhmc –c syslog –s add –h myremotesys.company.com
The systems administrator needs to make sure that the syslogd daemon running on
the target system is setup to receive message from the network. On most Linux
systems, this can be done by adding the –r option to the SYSLOGD_OPTIONS in
file /etc/sysconfig/syslog.
In AIX, the /etc/syslog.conf file would be edited by uncommenting the
appropriate lines at the bottom of the file, such as:
*.debug /tmp/syslog.out rotate size 100k files 4
*.crit /dev/console
Then the systems administrator would enter:
# touch /tmp/syslog.out
# refresh –s syslogd
Another method of further limiting commands in the restricted shell along with
logging the command(s) executed by users in syslog, is to use the logssh
command. This command is introduced in HMC Version 5 Release 1.0, and can
be added to the authorized_keys2 file to restrict a user from being able to open a
pseudo-tty using SSH. To do this, the system administrator, hscroot, would enter:
Zobrazit stránku 19
1 2 ... 15 16 17 18 19 20 21 22 23 24 25 ... 56 57

Komentáře k této Příručce

Žádné komentáře