HPE Community
Operating System - HP-UX
1754906 Members
3553 Online
108827 Solutions
New Discussion юеВ

Disabling ftpd logging to syslog

 
emx
Advisor

тАО05-28-2008 12:19 PM

тАО05-28-2008 12:19 PM

Disabling ftpd logging to syslog

Our syslog.log contains messages like this every few seconds:
May 29 00:45:11 smsc1 ftpd[15385]: allowed connection from 10.131.22.5
May 29 00:45:12 smsc1 ftpd[15391]: allowed connection from 10.131.22.5
May 29 00:45:17 smsc1 ftpd[15413]: allowed connection from 10.131.22.5
May 29 00:45:17 smsc1 ftpd[15419]: allowed connection from 10.131.22.5
May 29 00:45:22 smsc1 ftpd[15441]: allowed connection from 10.131.22.5
May 29 00:45:23 smsc1 ftpd[15447]: allowed connection from 10.131.22.5

I would like to disable this logging as it fills up syslog.log

Problem is... logging is not enabled! So how does this happen? Your hints would be most welcome!

emx@smsc1 /var/adm/syslog> grep ftp /etc/inetd.conf
ftp stream tcp nowait root /usr/lbin/tcpd /usr/lbin/ftpd ftpd

emx@smsc1 /var/adm/syslog> ps -ef|grep inetd
root 3359 1 0 Mar 31 ? 27:54 /usr/sbin/inetd

I have tried to execute "inetd -l" (thinking it would toggle logging) but it made things worse by adding an extra
May 29 00:44:19 smsc1 inetd[15068]: ftp/tcp: Connection from unknown (10.131.22.5) at Thu May 29 00:44:19 2008

So it isn't "-l" in inetd.

It isn't "-l" in ftpd in inetd.conf either

Any idea??
0 Kudos
4 REPLIES 4
Geoff Wild
Honored Contributor

тАО05-28-2008 12:26 PM

тАО05-28-2008 12:26 PM

Re: Disabling ftpd logging to syslog

In inetd.conf:

ftp stream tcp nowait root /usr/lbin/tcpd /usr/lbin/ftpd ftpd -l


Then inetd -c

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
emx
Advisor

тАО05-28-2008 12:31 PM

тАО05-28-2008 12:31 PM

Re: Disabling ftpd logging to syslog

Thanks Geoff but I want to DISABLE logging, not ENABLE it.

From ftpd man page:

-l Causes each FTP session to be logged in the syslog file.
0 Kudos
emx
Advisor

тАО05-28-2008 12:35 PM

тАО05-28-2008 12:35 PM

Re: Disabling ftpd logging to syslog

Found it!

The problem was due to TCP Wrappers being installed (the "tcpd" in my inetd.conf ftpd line)

I removed "/usr/lbin/tcpd" (as it wasn't used anyway) and restarted inetd.

No more annoying syslog messages.
0 Kudos
emx
Advisor

тАО05-28-2008 12:36 PM

тАО05-28-2008 12:36 PM

Re: Disabling ftpd logging to syslog

The logging was not caused by syslog or ftpd, it was caused by tcpd (TCPWrappers).

Removing tcpd solved the problem. If we need to enable access control, we'll use inetd.sec instead.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.