Logwatch/xinetd configuration mismatch
Issue
-
Log type is incorrect for xinetd
-
Logwatch is not logging xinetd properly:
RHEL 5 and RHEL 6:
[root@server1] etc [3:47] grep log_type xinetd.conf
log_type = SYSLOG daemon info
RHEL 4 and RHEL 3:
[root@server2] etc [3:485] grep log_type xinetd.conf
log_type = SYSLOG authpriv
Logwatch's xinetd logs are checked by /usr/share/logwatch/scripts/services/secure, which in turn uses /usr/share/logwatch/default.conf/logfiles/secure.conf, which only checks:
LogFile = secure
LogFile = authlog
LogFile = auth.log
LogFile = auth.log.0
"daemon" logs are in /var/log/messages while "authpriv" logs are in /var/log/secure, this results xinetd logs not showing in logwatch report on RHEL5 and RHEL6 systems.
Environment
-
Red Hat Enterprise Linux 6 (RHEL 6)
-
Red Hat Enterprise Linux 5 (RHEL 5)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
