Bugtraq mailing list archives
SRS (Secure Remote Streaming): a secure Unix syslog
From: shok () CANNABIS DATAFORCE NET (Matt Conover)
Date: Wed, 12 Jan 2000 06:25:54 +0300
Hello Earthlings! I have a very special treat for you today! INTRODUCTION I'm excited to finally release what was and is the largest syslog implementation for Unix (or any operating system). For six months I (et. al.) worked on this project for RepSec, Inc. The total source (as demonstrated in the profile below) for this project was approximately 15,500 lines. It has its own original protocol to ensure reliability. Developed for RSI by myself (Matt Conover) and Mark Zielinski with contributions from Solar Designer (source audits, security fixes, and optimization), Bruce Schneier and Chris Hall (developed cryptography in it). I'm proud of this product, which is I'm bringing it to you now. RepSec was originally going to release this as a product. Brian Matthews originally requested that I develop this for them in May 1998. The expected time of completion was around a month (heh). Because the project was developed by only a few people (i.e., Mark Zielinski and I), progress was slow and burn out an issue. It remained in beta testing for several months as our finances slowly dripped away. When it was finally labled done (or good enough) in October of 1998, RepSec wasn't ready to release it. It's been well over a year now sine the project was completed, and this source still hasn't seen the light of day. I tried to get Brian Matthew's permission to release source several times without response. All previous employees (including CEO and president) of RSI are working elsewhere now. Since it's been over a year with RSI dead and dissolved and the source still unpublic, I think I can safely safe profit loss from the release of this source is minimal. I've placed an online archive of the source at http://www.w00w00.org/files/SRS and the full, original source is available at http://www.w00w00.org/files/SRS.tgz. This code hasn't been changed in over a year, and the original comments, TODOs, READMEs, etc. are all still there. If there are bugs, you can tell me about them and I can look into them, but as I previous said, this was an RSI product, and I am not working with them or developing this product anymore. I will treat this the same way I do ShokDial (a wardialer for unix that I'm no longer developing): you can submit patches/fixes and I will apply them to the source tree (assuming they are fit) but will not do anything myself. DETAILS This and syslogd may NOT be running at the same time. This is a syslogd replace--not an enhancer. They can't be run at the same time because they both need to read /dev/syslog. To see whats going on, run with -d or compile the source with -DDEBUG. The result will be like that of client.log and server.log, which I've attached in this document (you can find them at http://www.w00w00.org/files/SRS/logs). The client first parses /etc/syslog.conf (2-3 days and 1000+ lines of C code to parse it!) and passes the information onto the server. The parsing is done through recursive calls to the parsing function. It then connects to a statically defined "info server" (primary, or secondary if primary is down) to get a list of streaming servers. The client is required to send its identification and respond to a very basic challenge by the server. Logs are then streamed on the server to /var/log/SRS/clients/ID/subID. If you had one ID, you were allowed to connect three times simultaneously. The logs streamed were logged into separate files, categorized by ID and sub-ID (i.e., /var/logs/SRS/0001/1). The info server reads from a list of streaming servers each time the client requests it. This was done so that admins on the server could update the streaming server list dynamically, so that a client could receive the most up-to-date list (changed when a server is down or added) without restarting the server. The client cycles through the list of streaming servers, until it finds a working server. If it reaches the bottom, it will pause and jump to the top. If at anytime the client is disconnected, it will move on to the next streaming server in the list (the list is stored in /etc/SRS.servers or some such). We had originally planned on developing a tool that would connect to each streaming server, download all the clients logs, and reorganize them. It would be useful because the logs could be split across several machines (i.e., client streams to server A, server A is crashed by an attacker, and then begins streaming to server B). We all this to ensure reliability--if an attacker managed to crash, halt, or lag a streaming server, the client could move on unharmed. We also implemented a ping/pong, so that each side (client and server) could verify the other was still connected and running smoothly, and if not, disconnect from each other. We still detect disconnects by failed recv system calls; this is meant to handle strange situations where no FIN or RST is ever sent and/or the system becomes boggled down. IN THE SOURCE You have makekeys.[god|client|server] scripts. It was setup in a three-tier heirarchy so that you could have a server certificate could accept any client certificate and a client certificate could accept any server certificate (scripts/method done by Chris Hall of Counterpane). You should not need to run these, because the install.sh in the client/server directory does all the installation stuff for you (including setting up certificates). I left our original 'doall' script, which built the basic *.in's (configure.in, Makefile.am, etc.) through use of things like automake, autoconf, etc. I include these in the interests of the general public--I'm hoping people will find our techniques for automating the installation process on Unix-derived systems useful. I included everything so that you could see everything from a developer's point-of-view. Although SSLeay has become OpenSSL, it was SSLeay back in 1998 and I'm no longer developing it. You'll also see we said it works on things like Redhat 3.0. Redhat is up in the 6.x now, but as I said, we haven't been developing it. I assume it will still work on all current versions of the operating systems we mentioned (Solaris/Linux/BSD). It has not been tested on all Linux and BSD flavors, only a few specifics. We know it works on BSDI, Redhat, Slackware, and Solaris (through hackery). We have defines for things like SUN, BSD, and LINUX in the source for various include files or conflicting code (i.e., these operating systems handle /dev/syslog differently). We found that named pipes work different on these systems (smile). These should be set up for you by our installation and configuration scripts (we went through great pains to automate this all for the customer). People to thank: Bruce Schneier and Chris Hall (Counterpane Internet Security), Solar Designer, Mark Zielinski, Brian Matthews, and Brian Martin Places I'd like to give hellos: w00w00 Security Development, Bindview Development, CW Security Research, Technotronic, eEye, Roses Labs, and UssrLabs. PROFILE Server code: ^^^^^^^^^^^^ *.c = 6287 lines *.h = 709 lines scripts = 354 lines --------------------------- Client code: ^^^^^^^^^^^^ *.c = 7731 lines *.h = 790 lines scripts = 176 lines --------------------------- Generic code: ^^^^^^^^^^^^^ docs = 416 lines configure files = 101 lines Makefiles = 600 lines --------------------------- Total: *.c = 14018 lines *.h = 1499 lines Total code: 15517 lines scripts = 530 lines docs = 416 lines config files = 101 lines Makefiles = 600 lines Total source in package: 17164 lines ---------------------------------------------- SSS [client] restarted on: Sun Oct 4 07:25:48 1998 [DEBUG (pid 1810)]: writing debug log to /var/log/SSS/debug.log [DEBUG (pid 1810)]: writing error log to /var/log/SSS/error.log [DEBUG (pid 1810)]: getting the shared memory ID [DEBUG (pid 1810)]: attaching the shared memory segment [DEBUG (pid 1810)]: removing the shared memory ID [DEBUG (pid 1810)]: local timezone: MST [DEBUG (pid 1810)]: parsing /etc/syslog.conf... don't try to understand this [DEBUG (pid 1810)]: -------------------------------------------------------- [DEBUG (pid 1810)]: parsing line: # /etc/syslog.conf [DEBUG (pid 1810)]: parsing line: # For info about the format of this file, see "man syslog.conf" (the BSD man [DEBUG (pid 1810)]: parsing line: # page), and /usr/doc/sysklogd/README.linux. [DEBUG (pid 1810)]: parsing line: # [DEBUG (pid 1810)]: parsing line: # NOTE: YOU HAVE TO USE TABS HERE - NOT SPACES. [DEBUG (pid 1810)]: parsing line: # I don't know why. [DEBUG (pid 1810)]: parsing line: # [DEBUG (pid 1810)]: parsing line: *.* |/etc/pipe.log [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 0 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = | [ERROR (pid 1810)]: named pipes ('|') aren't supported at this time outputting to the following file instead: /w00w00/logs/SSS/pipe.log-pipe.log [DEBUG (pid 1810)]: parsing line: *.=info;*.=notice;*.warn;mail.none /usr/adm/messages [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 1 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: single ('=') on [DEBUG (pid 1810)]: priority = info [DEBUG (pid 1810)]: current seperator = ';' [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging *.info to: /usr/adm/messages [DEBUG (pid 1810)]: ---before parseSysConf--- [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 2 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: single ('=') on [DEBUG (pid 1810)]: priority = notice [DEBUG (pid 1810)]: current seperator = ';' [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging *.notice to: /usr/adm/messages [DEBUG (pid 1810)]: ---before parseSysConf--- [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 3 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: priority = warn [DEBUG (pid 1810)]: current seperator = ';' [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging *.warn to: /usr/adm/messages [DEBUG (pid 1810)]: ---before parseSysConf--- [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 4 [DEBUG (pid 1810)]: facility = mail [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = none (no priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging mail.none to: /usr/adm/messages [DEBUG (pid 1810)]: parsing line: *.=debug /usr/adm/debug [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 5 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: single ('=') on [DEBUG (pid 1810)]: priority = debug [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging *.debug to: /usr/adm/debug [DEBUG (pid 1810)]: parsing line: *.warn;*.crit;*.emerg /usr/adm/syslog [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 6 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: priority = warn [DEBUG (pid 1810)]: current seperator = ';' [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging *.warn to: /usr/adm/syslog [DEBUG (pid 1810)]: ---before parseSysConf--- [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 7 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: priority = crit [DEBUG (pid 1810)]: current seperator = ';' [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging *.crit to: /usr/adm/syslog [DEBUG (pid 1810)]: ---before parseSysConf--- [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 8 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: priority = emerg [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging *.emerg to: /usr/adm/syslog [DEBUG (pid 1810)]: parsing line: *.* /dev/tty13 [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 9 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging *.* to: /dev/tty13 [DEBUG (pid 1810)]: /dev/tty13 is a tty (device) [DEBUG (pid 1810)]: parsing line: *.emerg * [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 10 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: priority = emerg [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = * [ERROR (pid 1810)]: wall'ing is not supported at this time.. outputting *.emerg to /w00w00/logs/SSS/wall.log instead [DEBUG (pid 1810)]: parsing line: *.err shok,root,notik [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 11 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: priority = err [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = s [ERROR (pid 1810)]: logging msgs to users is not supported yet.. outputting to the following instead: [ERROR (pid 1810)]: *.err to /w00w00/logs/SSS/shok-user.log [ERROR (pid 1810)]: *.err to /w00w00/logs/SSS/root-user.log [ERROR (pid 1810)]: *.err to /w00w00/logs/SSS/notik-user.log [DEBUG (pid 1810)]: parsing line: auth.* /usr/adm/log.auth [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 14 [DEBUG (pid 1810)]: facility = auth [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging auth.* to: /usr/adm/log.auth [DEBUG (pid 1810)]: parsing line: cron.* /usr/adm/log.cron [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 15 [DEBUG (pid 1810)]: facility = cron [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging cron.* to: /usr/adm/log.cron [DEBUG (pid 1810)]: parsing line: daemon.notice /usr/adm/log.daemon [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 16 [DEBUG (pid 1810)]: facility = daemon [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = notice [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging daemon.notice to: /usr/adm/log.daemon [DEBUG (pid 1810)]: parsing line: kern.info /usr/adm/log.kern [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 17 [DEBUG (pid 1810)]: facility = kern [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = info [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging kern.info to: /usr/adm/log.kern [DEBUG (pid 1810)]: parsing line: mail.* /usr/adm/log.mail [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 18 [DEBUG (pid 1810)]: facility = mail [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging mail.* to: /usr/adm/log.mail [DEBUG (pid 1810)]: parsing line: mark.* /usr/adm/log.mark [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 19 [DEBUG (pid 1810)]: facility = mark [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging mark.* to: /usr/adm/log.mark [DEBUG (pid 1810)]: parsing line: syslog.* /usr/adm/log.syslog [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 20 [DEBUG (pid 1810)]: facility = syslog [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging syslog.* to: /usr/adm/log.syslog [DEBUG (pid 1810)]: parsing line: user.* /usr/adm/log.user [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 21 [DEBUG (pid 1810)]: facility = user [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging user.* to: /usr/adm/log.user [DEBUG (pid 1810)]: parsing line: uucp.* /usr/adm/log.uucp [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 22 [DEBUG (pid 1810)]: facility = uucp [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging uucp.* to: /usr/adm/log.uucp [DEBUG (pid 1810)]: parsing line: lpr.* /usr/adm/log.lpr [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 23 [DEBUG (pid 1810)]: facility = lpr [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging lpr.* to: /usr/adm/log.lpr [DEBUG (pid 1810)]: parsing line: news.* /usr/adm/log.news [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 24 [DEBUG (pid 1810)]: facility = news [DEBUG (pid 1810)]: current seperator = . [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging news.* to: /usr/adm/log.news [DEBUG (pid 1810)]: parsing line: *.* /usr/adm/alljunk [DEBUG (pid 1810)]: (in parseSysConf) curlogfd = 25 [DEBUG (pid 1810)]: facility = * (all facilities) [DEBUG (pid 1810)]: priority = * (all priorities) [DEBUG (pid 1810)]: current seperator = 0x9 (in hex) [DEBUG (pid 1810)]: dataptr = / [DEBUG (pid 1810)]: logging *.* to: /usr/adm/alljunk [DEBUG (pid 1810)]: parsing line: # [DEBUG (pid 1810)]: parsing line: # This might work instead to log on a remote host: [DEBUG (pid 1810)]: parsing line: # * @hostname [DEBUG (pid 1810)]: current files being logged to: [DEBUG (pid 1810)]: /w00w00/logs/SSS/pipe.log-pipe.log, for *.* [DEBUG (pid 1810)]: /usr/adm/messages, for *.info [DEBUG (pid 1810)]: /usr/adm/messages, for *.notice [DEBUG (pid 1810)]: /usr/adm/messages, for *.warn [DEBUG (pid 1810)]: /usr/adm/messages, for mail.none [DEBUG (pid 1810)]: /usr/adm/debug, for *.debug [DEBUG (pid 1810)]: /usr/adm/syslog, for *.warn [DEBUG (pid 1810)]: /usr/adm/syslog, for *.crit [DEBUG (pid 1810)]: /usr/adm/syslog, for *.panic [DEBUG (pid 1810)]: /dev/tty13, for *.* [DEBUG (pid 1810)]: /w00w00/logs/SSS/wall.log, for *.panic [DEBUG (pid 1810)]: /w00w00/logs/SSS/shok-user.log, for *.err [DEBUG (pid 1810)]: /w00w00/logs/SSS/root-user.log, for *.err [DEBUG (pid 1810)]: /w00w00/logs/SSS/notik-user.log, for *.err [DEBUG (pid 1810)]: /usr/adm/log.auth, for auth.* [DEBUG (pid 1810)]: /usr/adm/log.cron, for cron.* [DEBUG (pid 1810)]: /usr/adm/log.daemon, for daemon.notice [DEBUG (pid 1810)]: /usr/adm/log.kern, for kern.info [DEBUG (pid 1810)]: /usr/adm/log.mail, for mail.* [DEBUG (pid 1810)]: /usr/adm/log.mark, for mark.* [DEBUG (pid 1810)]: /usr/adm/log.syslog, for syslog.* [DEBUG (pid 1810)]: /usr/adm/log.user, for user.* [DEBUG (pid 1810)]: /usr/adm/log.uucp, for uucp.* [DEBUG (pid 1810)]: /usr/adm/log.lpr, for lpr.* [DEBUG (pid 1810)]: /usr/adm/log.news, for news.* [DEBUG (pid 1810)]: /usr/adm/alljunk, for *.* [DEBUG (pid 1810)]: (in initStream) initializing server for streaming.. [DEBUG (pid 1810)]: (in getSSSuser) parsing line: # This was generate automatically be SSS setup.sh [DEBUG (pid 1810)]: (in getSSSuser) parsing line: # Do not modify [DEBUG (pid 1810)]: (in getSSSuser) parsing line: [DEBUG (pid 1810)]: (in getSSSuser) parsing line: sss [DEBUG (pid 1810)]: now attempting to connect to an info server... [DEBUG (pid 1810)]: attempting to bind to port 1022 [DEBUG (pid 1810)]: successfully bind'd to port 1022 [DEBUG (pid 1809)]: sending the following to the client: SUCCESSFUL connect [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: SUCCESSFUL connect [DEBUG (pid 1810)]: checking for successful connect [DEBUG (pid 1810)]: (the data is): SUCCESSFUL connect [DEBUG (pid 1810)]: sending the following to the server: ID 0001 [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: the data is: VERIFY 316685958 [DEBUG (pid 1810)]: sending the following to the server: VERIFY 316685958 [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: SUCCESSFUL verification [DEBUG (pid 1810)]: sending the following to the server: VERS [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: CVER 1, SVER 1 [DEBUG (pid 1810)]: (in getVers) data is: CVER 1, SVER 1 [DEBUG (pid 1810)]: got client & server version.. now parsing.. [DEBUG (pid 1810)]: now we have list of new client/server versions.. [DEBUG (pid 1810)]: sending the following to the server: SERVLIST [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: SERV localhost [DEBUG (pid 1810)]: (in getServList) data is: SERV localhost [DEBUG (pid 1810)]: parsing server servNames[0] (server #1) [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: SERV prodigy.repsec.com [DEBUG (pid 1810)]: (in getServList) data is: SERV prodigy.repsec.com [DEBUG (pid 1810)]: parsing server servNames[1] (server #2) [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: SERV enigma.repsec.com [DEBUG (pid 1810)]: (in getServList) data is: SERV enigma.repsec.com [DEBUG (pid 1810)]: parsing server servNames[2] (server #3) [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: DONE [DEBUG (pid 1810)]: (in getServList) data is: DONE [DEBUG (pid 1810)]: now we have the streaming server list.. [DEBUG (pid 1810)]: now disconnecting from server... [DEBUG (pid 1810)]: sending the following to the server: QUIT [DEBUG (pid 1810)]: now connecting to a streaming server... [DEBUG (pid 1810)]: attempting to bind to port 1021 [DEBUG (pid 1810)]: successfully bind'd to port 1021 [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1809)]: sending the following to the client: SUCCESSFUL connect [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: SUCCESSFUL connect [DEBUG (pid 1810)]: checking for successful connect... got it [DEBUG (pid 1810)]: (in parent) connected to a streaming server.. [DEBUG (pid 1810)]: sending the following to the server: ID 0001 [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1809)]: data received from the client [DEBUG (pid 1809)]: data is: ID 0001 [DEBUG (pid 1809)]: (in procData) ID part.. data is: ID 0001 [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: VERIFY 1197369982 [DEBUG (pid 1810)]: sending the following to the server: VERIFY 1197369982 [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: SUCCESSFUL verification [DEBUG (pid 1810)]: sending the following to the server: START SYSLOG.CONF [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: START SYSLOG.CONF OKAY [DEBUG (pid 1810)]: got server's permissions to start sending [DEBUG (pid 1810)]: sending the following to the server: # /etc/syslog.conf [DEBUG (pid 1810)]: sending the following to the server: # For info about the format of this file, see "man syslog.conf" (the BSD man [DEBUG (pid 1810)]: sending the following to the server: # page), and /usr/doc/sysklogd/README.linux. [DEBUG (pid 1810)]: sending the following to the server: # [DEBUG (pid 1810)]: sending the following to the server: # NOTE: YOU HAVE TO USE TABS HERE - NOT SPACES. [DEBUG (pid 1810)]: sending the following to the server: # I don't know why. [DEBUG (pid 1810)]: sending the following to the server: # [DEBUG (pid 1810)]: sending the following to the server: *.* |/etc/pipe.log [DEBUG (pid 1810)]: sending the following to the server: *.=info;*.=notice;*.warn;mail.none /usr/adm/messages [DEBUG (pid 1810)]: sending the following to the server: *.=debug /usr/adm/debug [DEBUG (pid 1810)]: sending the following to the server: *.warn;*.crit;*.emerg /usr/adm/syslog [DEBUG (pid 1810)]: sending the following to the server: *.* /dev/tty13 [DEBUG (pid 1810)]: sending the following to the server: *.emerg * [DEBUG (pid 1810)]: sending the following to the server: *.err shok,root,notik [DEBUG (pid 1810)]: sending the following to the server: auth.* /usr/adm/log.auth [DEBUG (pid 1810)]: sending the following to the server: cron.* /usr/adm/log.cron [DEBUG (pid 1810)]: sending the following to the server: daemon.notice /usr/adm/log.daemon [DEBUG (pid 1810)]: sending the following to the server: kern.info /usr/adm/log.kern [DEBUG (pid 1810)]: sending the following to the server: mail.* /usr/adm/log.mail [DEBUG (pid 1810)]: sending the following to the server: mark.* /usr/adm/log.mark [DEBUG (pid 1810)]: sending the following to the server: syslog.* /usr/adm/log.syslog [DEBUG (pid 1810)]: sending the following to the server: user.* /usr/adm/log.user [DEBUG (pid 1810)]: sending the following to the server: uucp.* /usr/adm/log.uucp [DEBUG (pid 1810)]: sending the following to the server: lpr.* /usr/adm/log.lpr [DEBUG (pid 1810)]: sending the following to the server: news.* /usr/adm/log.news [DEBUG (pid 1810)]: sending the following to the server: *.* /usr/adm/alljunk [DEBUG (pid 1810)]: sending the following to the server: # [DEBUG (pid 1810)]: sending the following to the server: # This might work instead to log on a remote host: [DEBUG (pid 1810)]: sending the following to the server: # * @hostname [DEBUG (pid 1810)]: sending the following to the server: END SYSLOG.CONF [DEBUG (pid 1810)]: receiving data... [DEBUG (pid 1810)]: data received from server.. [DEBUG (pid 1810)]: the data is: SUCCESSFUL logging [DEBUG (pid 1810)]: now telling server we're streaming.. [DEBUG (pid 1810)]: sending the following to the server: START STREAM [DEBUG (pid 1810)]: now checking for spooled data... [DEBUG (pid 1810)]: spooled data (if any) was sent... [DEBUG (pid 1810)]: now streaming live logs [DEBUG (pid 1810)]: now waiting for system logs to stream... [ERROR (pid 1810)]: error reading klogfd.. removing [DEBUG (pid 1810)]: sending the following to the server: STREAM: <38>Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: facility = 4, priority = 6 [DEBUG (pid 1810)]: facility = auth, priority = info [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/pipe.log-pipe.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: writing the following to /usr/adm/messages: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: writing the following to /usr/adm/syslog: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: writing the following to /dev/tty13: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/wall.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/shok-user.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/root-user.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/notik-user.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: writing the following to /usr/adm/log.auth: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: writing the following to /usr/adm/alljunk: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (pid 1810)]: sending the following to the server: STREAM: <38>Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: facility = 4, priority = 6 [DEBUG (pid 1810)]: facility = auth, priority = info [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/pipe.log-pipe.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: writing the following to /usr/adm/messages: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: writing the following to /usr/adm/syslog: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: writing the following to /dev/tty13: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/wall.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/shok-user.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/root-user.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: writing the following to /w00w00/logs/SSS/notik-user.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: writing the following to /usr/adm/log.auth: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: writing the following to /usr/adm/alljunk: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (pid 1810)]: new data from server [DEBUG (pid 1810)]: receiving data... [ERROR (pid 1810)]: error with SSL_read: No such file or directory * NOTE: this error occured before the server disconnected (did it on purpose to demonstrate how it works) [DEBUG (pid 1810)]: now restarting.. [DEBUG (pid 1810)]: now disconnecting from server... [DEBUG (pid 1810)]: sending the following to the server: QUIT [ERROR (pid 1810)]: error with SSL_write: Broken pipe [DEBUG (pid 1810)]: now restarting.. [DEBUG (pid 1810)]: now connecting to a streaming server... [DEBUG (pid 1810)]: attempting to bind to port 1020 [DEBUG (pid 1810)]: successfully bind'd to port 1020 [DEBUG (pid 1810)]: receiving data... [ERROR (pid 1810)]: error with SSL_read: No such file or directory [DEBUG (pid 1810)]: now restarting.. [DEBUG (pid 1810)]: now connecting to a streaming server... [DEBUG (pid 1810)]: attempting to bind to port 1019 [DEBUG (pid 1810)]: successfully bind'd to port 1019 [ERROR (pid 1810)]: error connecting: Connection refused [ERROR (pid 1810)]: received a signal/error to abort.. now exiting [DEBUG (pid 1810)]: closing sockets [DEBUG (pid 1810)]: freeing serverlist [DEBUG (pid 1810)]: detaching shared memory ---------------------------------------------- SSS [client] restarted on: Mon Oct 5 00:54:54 1998 [DEBUG (pid 727)]: writing debug log to /var/log/SSS/debug.log [DEBUG (pid 727)]: writing error log to /var/log/SSS/error.log [DEBUG (pid 727)]: getting the shared memory ID [DEBUG (pid 727)]: attaching the shared memory segment [DEBUG (pid 727)]: removing the shared memory ID [DEBUG (pid 727)]: local timezone: MST [DEBUG (pid 727)]: parsing /etc/syslog.conf... don't try to understand this [DEBUG (pid 727)]: -------------------------------------------------------- [DEBUG (pid 727)]: parsing line: # /etc/syslog.conf [DEBUG (pid 727)]: parsing line: # For info about the format of this file, see "man syslog.conf" (the BSD man [DEBUG (pid 727)]: parsing line: # page), and /usr/doc/sysklogd/README.linux. [DEBUG (pid 727)]: parsing line: # [DEBUG (pid 727)]: parsing line: # NOTE: YOU HAVE TO USE TABS HERE - NOT SPACES. [DEBUG (pid 727)]: parsing line: # I don't know why. [DEBUG (pid 727)]: parsing line: # [DEBUG (pid 727)]: parsing line: *.* |/etc/pipe.log [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 0 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = | [ERROR (pid 727)]: named pipes ('|') aren't supported at this time outputting to the following file instead: /w00w00/logs/SSS/pipe.log-pipe.log [DEBUG (pid 727)]: parsing line: *.=info;*.=notice;*.warn;mail.none /usr/adm/messages [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 1 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: single ('=') on [DEBUG (pid 727)]: priority = info [DEBUG (pid 727)]: current seperator = ';' [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging *.info to: /usr/adm/messages [DEBUG (pid 727)]: ---before parseSysConf--- [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 2 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: single ('=') on [DEBUG (pid 727)]: priority = notice [DEBUG (pid 727)]: current seperator = ';' [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging *.notice to: /usr/adm/messages [DEBUG (pid 727)]: ---before parseSysConf--- [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 3 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: priority = warn [DEBUG (pid 727)]: current seperator = ';' [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging *.warn to: /usr/adm/messages [DEBUG (pid 727)]: ---before parseSysConf--- [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 4 [DEBUG (pid 727)]: facility = mail [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = none (no priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging mail.none to: /usr/adm/messages [DEBUG (pid 727)]: parsing line: *.=debug /usr/adm/debug [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 5 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: single ('=') on [DEBUG (pid 727)]: priority = debug [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging *.debug to: /usr/adm/debug [DEBUG (pid 727)]: parsing line: *.warn;*.crit;*.emerg /usr/adm/syslog [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 6 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: priority = warn [DEBUG (pid 727)]: current seperator = ';' [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging *.warn to: /usr/adm/syslog [DEBUG (pid 727)]: ---before parseSysConf--- [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 7 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: priority = crit [DEBUG (pid 727)]: current seperator = ';' [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging *.crit to: /usr/adm/syslog [DEBUG (pid 727)]: ---before parseSysConf--- [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 8 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: priority = emerg [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging *.emerg to: /usr/adm/syslog [DEBUG (pid 727)]: parsing line: *.* /dev/tty13 [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 9 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging *.* to: /dev/tty13 [DEBUG (pid 727)]: /dev/tty13 is a tty (device) [DEBUG (pid 727)]: parsing line: *.emerg * [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 10 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: priority = emerg [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = * [ERROR (pid 727)]: wall'ing is not supported at this time.. outputting *.emerg to /w00w00/logs/SSS/wall.log instead [DEBUG (pid 727)]: parsing line: *.err shok,root,notik [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 11 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: priority = err [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = s [ERROR (pid 727)]: logging msgs to users is not supported yet.. outputting to the following instead: [ERROR (pid 727)]: *.err to /w00w00/logs/SSS/shok-user.log [ERROR (pid 727)]: *.err to /w00w00/logs/SSS/root-user.log [ERROR (pid 727)]: *.err to /w00w00/logs/SSS/notik-user.log [DEBUG (pid 727)]: parsing line: auth.* /usr/adm/log.auth [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 14 [DEBUG (pid 727)]: facility = auth [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging auth.* to: /usr/adm/log.auth [DEBUG (pid 727)]: parsing line: cron.* /usr/adm/log.cron [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 15 [DEBUG (pid 727)]: facility = cron [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging cron.* to: /usr/adm/log.cron [DEBUG (pid 727)]: parsing line: daemon.notice /usr/adm/log.daemon [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 16 [DEBUG (pid 727)]: facility = daemon [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = notice [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging daemon.notice to: /usr/adm/log.daemon [DEBUG (pid 727)]: parsing line: kern.info /usr/adm/log.kern [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 17 [DEBUG (pid 727)]: facility = kern [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = info [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging kern.info to: /usr/adm/log.kern [DEBUG (pid 727)]: parsing line: mail.* /usr/adm/log.mail [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 18 [DEBUG (pid 727)]: facility = mail [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging mail.* to: /usr/adm/log.mail [DEBUG (pid 727)]: parsing line: mark.* /usr/adm/log.mark [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 19 [DEBUG (pid 727)]: facility = mark [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging mark.* to: /usr/adm/log.mark [DEBUG (pid 727)]: parsing line: syslog.* /usr/adm/log.syslog [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 20 [DEBUG (pid 727)]: facility = syslog [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging syslog.* to: /usr/adm/log.syslog [DEBUG (pid 727)]: parsing line: user.* /usr/adm/log.user [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 21 [DEBUG (pid 727)]: facility = user [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging user.* to: /usr/adm/log.user [DEBUG (pid 727)]: parsing line: uucp.* /usr/adm/log.uucp [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 22 [DEBUG (pid 727)]: facility = uucp [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging uucp.* to: /usr/adm/log.uucp [DEBUG (pid 727)]: parsing line: lpr.* /usr/adm/log.lpr [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 23 [DEBUG (pid 727)]: facility = lpr [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging lpr.* to: /usr/adm/log.lpr [DEBUG (pid 727)]: parsing line: news.* /usr/adm/log.news [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 24 [DEBUG (pid 727)]: facility = news [DEBUG (pid 727)]: current seperator = . [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging news.* to: /usr/adm/log.news [DEBUG (pid 727)]: parsing line: *.* /usr/adm/alljunk [DEBUG (pid 727)]: (in parseSysConf) curlogfd = 25 [DEBUG (pid 727)]: facility = * (all facilities) [DEBUG (pid 727)]: priority = * (all priorities) [DEBUG (pid 727)]: current seperator = 0x9 (in hex) [DEBUG (pid 727)]: dataptr = / [DEBUG (pid 727)]: logging *.* to: /usr/adm/alljunk [DEBUG (pid 727)]: parsing line: # [DEBUG (pid 727)]: parsing line: # This might work instead to log on a remote host: [DEBUG (pid 727)]: parsing line: # * @hostname [DEBUG (pid 727)]: current files being logged to: [DEBUG (pid 727)]: /w00w00/logs/SSS/pipe.log-pipe.log, for *.* [DEBUG (pid 727)]: /usr/adm/messages, for *.info [DEBUG (pid 727)]: /usr/adm/messages, for *.notice [DEBUG (pid 727)]: /usr/adm/messages, for *.warn [DEBUG (pid 727)]: /usr/adm/messages, for mail.none [DEBUG (pid 727)]: /usr/adm/debug, for *.debug [DEBUG (pid 727)]: /usr/adm/syslog, for *.warn [DEBUG (pid 727)]: /usr/adm/syslog, for *.crit [DEBUG (pid 727)]: /usr/adm/syslog, for *.panic [DEBUG (pid 727)]: /dev/tty13, for *.* [DEBUG (pid 727)]: /w00w00/logs/SSS/wall.log, for *.panic [DEBUG (pid 727)]: /w00w00/logs/SSS/shok-user.log, for *.err [DEBUG (pid 727)]: /w00w00/logs/SSS/root-user.log, for *.err [DEBUG (pid 727)]: /w00w00/logs/SSS/notik-user.log, for *.err [DEBUG (pid 727)]: /usr/adm/log.auth, for auth.* [DEBUG (pid 727)]: /usr/adm/log.cron, for cron.* [DEBUG (pid 727)]: /usr/adm/log.daemon, for daemon.notice [DEBUG (pid 727)]: /usr/adm/log.kern, for kern.info [DEBUG (pid 727)]: /usr/adm/log.mail, for mail.* [DEBUG (pid 727)]: /usr/adm/log.mark, for mark.* [DEBUG (pid 727)]: /usr/adm/log.syslog, for syslog.* [DEBUG (pid 727)]: /usr/adm/log.user, for user.* [DEBUG (pid 727)]: /usr/adm/log.uucp, for uucp.* [DEBUG (pid 727)]: /usr/adm/log.lpr, for lpr.* [DEBUG (pid 727)]: /usr/adm/log.news, for news.* [DEBUG (pid 727)]: /usr/adm/alljunk, for *.* [DEBUG (pid 727)]: (in initStream) initializing server for streaming.. [DEBUG (pid 727)]: (in getSSSuser) parsing line: # This was generate automatically be SSS setup.sh [DEBUG (pid 727)]: (in getSSSuser) parsing line: # Do not modify [DEBUG (pid 727)]: (in getSSSuser) parsing line: [DEBUG (pid 727)]: (in getSSSuser) parsing line: sss [DEBUG (pid 727)]: now attempting to connect to an info server... [DEBUG (pid 727)]: attempting to bind to port 1022 [DEBUG (pid 727)]: successfully bind'd to port 1022 [DEBUG (pid 727)]: connect() succeeded... [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: SUCCESSFUL connect [DEBUG (pid 727)]: checking for successful connect [DEBUG (pid 727)]: (the data is): SUCCESSFUL connect [DEBUG (pid 727)]: sending the following to the server: ID 0001 [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: VERIFY 496744340 [DEBUG (pid 727)]: sending the following to the server: VERIFY 496744340 [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: SUCCESSFUL verification [DEBUG (pid 727)]: sending the following to the server: VERS [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: CVER 1, SVER 1 [DEBUG (pid 727)]: (in getVers) data is: CVER 1, SVER 1 [DEBUG (pid 727)]: got client & server version.. now parsing.. [DEBUG (pid 727)]: now we have list of new client/server versions.. [DEBUG (pid 727)]: sending the following to the server: SERVLIST [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: SERV localhost [DEBUG (pid 727)]: (in getServList) data is: SERV localhost [DEBUG (pid 727)]: parsing server servNames[0] (server #1) [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: SERV prodigy.repsec.com [DEBUG (pid 727)]: (in getServList) data is: SERV prodigy.repsec.com [DEBUG (pid 727)]: parsing server servNames[1] (server #2) [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: SERV enigma.repsec.com [DEBUG (pid 727)]: (in getServList) data is: SERV enigma.repsec.com [DEBUG (pid 727)]: parsing server servNames[2] (server #3) [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: DONE [DEBUG (pid 727)]: (in getServList) data is: DONE [DEBUG (pid 727)]: now we have the streaming server list.. [DEBUG (pid 727)]: now disconnecting from server... [DEBUG (pid 727)]: sending the following to the server: QUIT [DEBUG (pid 727)]: now connecting to a streaming server... [DEBUG (pid 727)]: attempting to bind to port 1021 [DEBUG (pid 727)]: successfully bind'd to port 1021 [DEBUG (pid 727)]: connect() succeeded... [DEBUG (pid 727)]: receiving data... [DEBUG (pid 726)]: sending the following to the client: SUCCESSFUL connect [DEBUG (pid 726)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: SUCCESSFUL connect [DEBUG (pid 727)]: checking for successful connect [DEBUG (pid 727)]: (in parent) connected to a streaming server.. [DEBUG (pid 727)]: sending the following to the server: ID 0001 [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: VERIFY 1410010445 [DEBUG (pid 727)]: sending the following to the server: VERIFY 1410010445 [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: SUCCESSFUL verification [DEBUG (pid 727)]: sending the following to the server: START SYSLOG.CONF [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: START SYSLOG.CONF OKAY [DEBUG (pid 727)]: got server's permissions to start sending [DEBUG (pid 727)]: sending the following to the server: # /etc/syslog.conf [DEBUG (pid 727)]: sending the following to the server: # For info about the format of this file, see "man syslog.conf" (the BSD man [DEBUG (pid 727)]: sending the following to the server: # page), and /usr/doc/sysklogd/README.linux. [DEBUG (pid 727)]: sending the following to the server: # [DEBUG (pid 727)]: sending the following to the server: # NOTE: YOU HAVE TO USE TABS HERE - NOT SPACES. [DEBUG (pid 727)]: sending the following to the server: # I don't know why. [DEBUG (pid 727)]: sending the following to the server: # [DEBUG (pid 727)]: sending the following to the server: *.* |/etc/pipe.log [DEBUG (pid 727)]: sending the following to the server: *.=info;*.=notice;*.warn;mail.none /usr/adm/messages [DEBUG (pid 727)]: sending the following to the server: *.=debug /usr/adm/debug [DEBUG (pid 727)]: sending the following to the server: *.warn;*.crit;*.emerg /usr/adm/syslog [DEBUG (pid 727)]: sending the following to the server: *.* /dev/tty13 [DEBUG (pid 727)]: sending the following to the server: *.emerg * [DEBUG (pid 727)]: sending the following to the server: *.err shok,root,notik [DEBUG (pid 727)]: sending the following to the server: auth.* /usr/adm/log.auth [DEBUG (pid 727)]: sending the following to the server: cron.* /usr/adm/log.cron [DEBUG (pid 727)]: sending the following to the server: daemon.notice /usr/adm/log.daemon [DEBUG (pid 727)]: sending the following to the server: kern.info /usr/adm/log.kern [DEBUG (pid 727)]: sending the following to the server: mail.* /usr/adm/log.mail [DEBUG (pid 727)]: sending the following to the server: mark.* /usr/adm/log.mark [DEBUG (pid 727)]: sending the following to the server: syslog.* /usr/adm/log.syslog [DEBUG (pid 727)]: sending the following to the server: user.* /usr/adm/log.user [DEBUG (pid 727)]: sending the following to the server: uucp.* /usr/adm/log.uucp [DEBUG (pid 727)]: sending the following to the server: lpr.* /usr/adm/log.lpr [DEBUG (pid 727)]: sending the following to the server: news.* /usr/adm/log.news [DEBUG (pid 727)]: sending the following to the server: *.* /usr/adm/alljunk [DEBUG (pid 727)]: sending the following to the server: # [DEBUG (pid 727)]: sending the following to the server: # This might work instead to log on a remote host: [DEBUG (pid 727)]: sending the following to the server: # * @hostname [DEBUG (pid 727)]: sending the following to the server: END SYSLOG.CONF [DEBUG (pid 727)]: receiving data... [DEBUG (pid 727)]: data received from server.. [DEBUG (pid 727)]: the data is: SUCCESSFUL logging [DEBUG (pid 727)]: now telling server we're streaming.. [DEBUG (pid 727)]: sending the following to the server: START STREAM [DEBUG (pid 727)]: now checking for spooled data... [DEBUG (pid 727)]: spooled data (if any) was sent... [DEBUG (pid 727)]: now streaming live logs [DEBUG (pid 727)]: now waiting for system logs to stream... [ERROR (pid 727)]: error reading klogfd.. removing [DEBUG (pid 727)]: new data from server [DEBUG (pid 727)]: receiving data... [ERROR (pid 727)]: error with SSL_read: No such file or directory [DEBUG (pid 727)]: now restarting.. [DEBUG (pid 727)]: now disconnecting from server... [DEBUG (pid 727)]: sending the following to the server: QUIT [ERROR (pid 727)]: error with SSL_write: Broken pipe [DEBUG (pid 727)]: now restarting.. [DEBUG (pid 727)]: now connecting to a streaming server... [ERROR (pid 727)]: error with gethostbyname: non-auth'd host/server failure [DEBUG (pid 727)]: (after connServ) error occured, restarting [ERROR (pid 727)]: error with gethostbyname: non-auth'd host/server failure [DEBUG (pid 727)]: (after connServ) error occured, restarting [ERROR (pid 727)]: reached end of server list.. now starting spooling [DEBUG (pid 727)]: (in parent) now forking a child to start spooling to /var/log/SSS/spool/SSS.log locally [DEBUG (pid 727)]: (in parent) now restarting/reconnecting at the top of the server list [DEBUG (pid 727)]: connect() succeeded... [DEBUG (pid 732)]: awaiting system logs to spool... [ERROR (pid 727)]: error with SSL_read: No such file or directory [DEBUG (pid 727)]: now restarting.. [DEBUG (pid 727)]: now connecting to a streaming server... ---------------------------------------------- SSS [server] restarted on: Sun Oct 4 07:25:46 1998 [DEBUG (pid 1809)]: running in debug mode.. not forking/daemonizing [DEBUG (pid 1809)]: (in getSSSuser) parsing line: # This was generate automatically be SSS setup.sh [DEBUG (pid 1809)]: (in getSSSuser) parsing line: # Do not modify [DEBUG (pid 1809)]: (in getSSSuser) parsing line: [DEBUG (pid 1809)]: (in getSSSuser) parsing line: sss [DEBUG (pid 1809)]: local timezone: MST [DEBUG (pid 1809)]: next client will get clients[0] [DEBUG (pid 1809)]: now waiting for a new client to connect.. [DEBUG (pid 1809)]: sending the following to the client: SUCCESSFUL connect [DEBUG (pid 1809)]: receiving data... [DEBUG (pid 1809)]: data received from the client [DEBUG (pid 1809)]: data is: ID 0001 [DEBUG (pid 1809)]: (in procData) ID part.. data is: ID 0001 [DEBUG (client 0001)]: sending random challenge to client.. [DEBUG (client 0001)]: sending the following to the client: VERIFY 316685958 [DEBUG (client 0001)]: receiving data... [DEBUG (client 0001)]: data received from the client [DEBUG (client 0001)]: data is: VERIFY 316685958 [DEBUG (client 0001)]: client successfully verified... [DEBUG (client 0001)]: sending the following to the client: SUCCESSFUL verification [DEBUG (client 0001 [1])]: current sub-ID for ID 0001 = 1 [DEBUG (client 0001 [1])]: now forking a child to handle the client [DEBUG (client 0001 [1])]: clients[0].pid = 1813 [DEBUG (client 0001 [1])]: getting a new shared memory ID [DEBUG (client 0001 [1])]: attaching the shared memory segment [DEBUG (client 0001 [1])]: removing the shared memory ID [DEBUG (pid 1809)]: next client will get clients[1] [DEBUG (pid 1809)]: now waiting for a new client to connect.. [DEBUG (client 0001 [1])]: creating /var/log/SSS [DEBUG (client 0001 [1])]: creating /var/log/SSS/clients [DEBUG (client 0001 [1])]: creating /var/log/SSS/clients/0001 [DEBUG (client 0001 [1])]: (in createDirs) numSubIDs = 1 [DEBUG (client 0001 [1])]: creating /var/log/SSS/clients/0001/1 [DEBUG (client 0001 [1])]: (in procData) waiting for next instruction [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: VERS [DEBUG (client 0001 [1])]: sending the client the current versions... [DEBUG (client 0001 [1])]: sending the following to the client: CVER 1, SVER 1 [DEBUG (client 0001 [1])]: (in procData) waiting for next instruction [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: SERVLIST [DEBUG (client 0001 [1])]: sending client the streaming server list... [DEBUG (client 0001 [1])]: sending the following to the client: SERV localhost [DEBUG (client 0001 [1])]: sending the following to the client: SERV prodigy.repsec.com [DEBUG (client 0001 [1])]: sending the following to the client: SERV enigma.repsec.com [DEBUG (client 0001 [1])]: sending the following to the client: DONE [DEBUG (client 0001 [1])]: (in procData) waiting for next instruction [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: QUIT [DEBUG (client 0001 [1])]: closing sockets [DEBUG (client 0001 [1])]: closing log files [DEBUG (client 0001 [1])]: detaching shared memory [DEBUG (pid 1809)]: child (pid 1813) has exited.. * NOTE: was using info server as streaming server also... [DEBUG (pid 1809)]: sending the following to the client: SUCCESSFUL connect [DEBUG (pid 1809)]: receiving data... [DEBUG (pid 1809)]: data received from the client [DEBUG (pid 1809)]: data is: ID 0001 [DEBUG (pid 1809)]: (in procData) ID part.. data is: ID 0001 [DEBUG (client 0001)]: sending random challenge to client.. [DEBUG (client 0001)]: sending the following to the client: VERIFY 1197369982 [DEBUG (client 0001)]: receiving data... [DEBUG (client 0001)]: data received from the client [DEBUG (client 0001)]: data is: VERIFY 1197369982 [DEBUG (client 0001)]: client successfully verified... [DEBUG (client 0001)]: sending the following to the client: SUCCESSFUL verification [DEBUG (client 0001 [1])]: current sub-ID for ID 0001 = 1 [DEBUG (client 0001 [1])]: now forking a child to handle the client [DEBUG (client 0001 [1])]: clients[1].pid = 1814 [DEBUG (client 0001 [1])]: getting a new shared memory ID [DEBUG (client 0001 [1])]: attaching the shared memory segment [DEBUG (client 0001 [1])]: removing the shared memory ID [DEBUG (pid 1809)]: next client will get clients[0] [DEBUG (pid 1809)]: now waiting for a new client to connect.. [DEBUG (client 0001 [1])]: creating /var/log/SSS [DEBUG (client 0001 [1])]: creating /var/log/SSS/clients [DEBUG (client 0001 [1])]: creating /var/log/SSS/clients/0001 [DEBUG (client 0001 [1])]: (in createDirs) numSubIDs = 1 [DEBUG (client 0001 [1])]: creating /var/log/SSS/clients/0001/1 [DEBUG (client 0001 [1])]: (in procData) waiting for next instruction [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: START SYSLOG.CONF [DEBUG (client 0001 [1])]: now getting syslog.conf from client... [DEBUG (client 0001 [1])]: sending the following to the client: START SYSLOG.CONF OKAY [DEBUG (client 0001 [1])]: ----- BEGIN PARSE SYSLOG.CONF ----- [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # /etc/syslog.conf [DEBUG (client 0001 [1])]: parsing line: # /etc/syslog.conf [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # For info about the format of this file, see "man syslog.conf" (the BSD man [DEBUG (client 0001 [1])]: parsing line: # For info about the format of this file, see "man syslog.conf" (the BSD man [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # page), and /usr/doc/sysklogd/README.linux. [DEBUG (client 0001 [1])]: parsing line: # page), and /usr/doc/sysklogd/README.linux. [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # [DEBUG (client 0001 [1])]: parsing line: # [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # NOTE: YOU HAVE TO USE TABS HERE - NOT SPACES. [DEBUG (client 0001 [1])]: parsing line: # NOTE: YOU HAVE TO USE TABS HERE - NOT SPACES. [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # I don't know why. [DEBUG (client 0001 [1])]: parsing line: # I don't know why. [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # [DEBUG (client 0001 [1])]: parsing line: # [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: *.* |/etc/pipe.log [DEBUG (client 0001 [1])]: parsing line: *.* |/etc/pipe.log [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 0, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = | [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: *.=info;*.=notice;*.warn;mail.none /usr/adm/messages [DEBUG (client 0001 [1])]: parsing line: *.=info;*.=notice;*.warn;mail.none /usr/adm/messages [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 1, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: single ('=') on [DEBUG (client 0001 [1])]: priority = info [DEBUG (client 0001 [1])]: current seperator = ';' [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging *.info to: /w00w00/logs/SSS/clients/0001/1/messages [DEBUG (client 0001 [1])]: ---before parseSysConf--- [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 2, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: single ('=') on [DEBUG (client 0001 [1])]: priority = notice [DEBUG (client 0001 [1])]: current seperator = ';' [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging *.notice to: /w00w00/logs/SSS/clients/0001/1/messages [DEBUG (client 0001 [1])]: ---before parseSysConf--- [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 3, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: priority = warn [DEBUG (client 0001 [1])]: current seperator = ';' [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging *.warn to: /w00w00/logs/SSS/clients/0001/1/messages [DEBUG (client 0001 [1])]: ---before parseSysConf--- [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 4, curClient = 1 [DEBUG (client 0001 [1])]: facility = mail [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = none (no priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging mail.none to: /w00w00/logs/SSS/clients/0001/1/messages [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: *.=debug /usr/adm/debug [DEBUG (client 0001 [1])]: parsing line: *.=debug /usr/adm/debug [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 5, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: single ('=') on [DEBUG (client 0001 [1])]: priority = debug [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging *.debug to: /w00w00/logs/SSS/clients/0001/1/debug [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: *.warn;*.crit;*.emerg /usr/adm/syslog [DEBUG (client 0001 [1])]: parsing line: *.warn;*.crit;*.emerg /usr/adm/syslog [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 6, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: priority = warn [DEBUG (client 0001 [1])]: current seperator = ';' [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging *.warn to: /w00w00/logs/SSS/clients/0001/1/syslog [DEBUG (client 0001 [1])]: ---before parseSysConf--- [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 7, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: priority = crit [DEBUG (client 0001 [1])]: current seperator = ';' [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging *.crit to: /w00w00/logs/SSS/clients/0001/1/syslog [DEBUG (client 0001 [1])]: ---before parseSysConf--- [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 8, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: priority = emerg [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging *.emerg to: /w00w00/logs/SSS/clients/0001/1/syslog [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: *.* /dev/tty13 [DEBUG (client 0001 [1])]: parsing line: *.* /dev/tty13 [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 9, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging *.* to: /w00w00/logs/SSS/clients/0001/1/tty13 [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: *.emerg * [DEBUG (client 0001 [1])]: parsing line: *.emerg * [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 10, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: priority = emerg [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = * [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: *.err shok,root,notik [DEBUG (client 0001 [1])]: parsing line: *.err shok,root,notik [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 11, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: priority = err [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = s [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: auth.* /usr/adm/log.auth [DEBUG (client 0001 [1])]: parsing line: auth.* /usr/adm/log.auth [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 14, curClient = 1 [DEBUG (client 0001 [1])]: facility = auth [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging auth.* to: /w00w00/logs/SSS/clients/0001/1/log.auth [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: cron.* /usr/adm/log.cron [DEBUG (client 0001 [1])]: parsing line: cron.* /usr/adm/log.cron [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 15, curClient = 1 [DEBUG (client 0001 [1])]: facility = cron [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging cron.* to: /w00w00/logs/SSS/clients/0001/1/log.cron [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: daemon.notice /usr/adm/log.daemon [DEBUG (client 0001 [1])]: parsing line: daemon.notice /usr/adm/log.daemon [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 16, curClient = 1 [DEBUG (client 0001 [1])]: facility = daemon [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = notice [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging daemon.notice to: /w00w00/logs/SSS/clients/0001/1/log.daemon [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: kern.info /usr/adm/log.kern [DEBUG (client 0001 [1])]: parsing line: kern.info /usr/adm/log.kern [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 17, curClient = 1 [DEBUG (client 0001 [1])]: facility = kern [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = info [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging kern.info to: /w00w00/logs/SSS/clients/0001/1/log.kern [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: mail.* /usr/adm/log.mail [DEBUG (client 0001 [1])]: parsing line: mail.* /usr/adm/log.mail [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 18, curClient = 1 [DEBUG (client 0001 [1])]: facility = mail [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging mail.* to: /w00w00/logs/SSS/clients/0001/1/log.mail [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: mark.* /usr/adm/log.mark [DEBUG (client 0001 [1])]: parsing line: mark.* /usr/adm/log.mark [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 19, curClient = 1 [DEBUG (client 0001 [1])]: facility = mark [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging mark.* to: /w00w00/logs/SSS/clients/0001/1/log.mark [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: syslog.* /usr/adm/log.syslog [DEBUG (client 0001 [1])]: parsing line: syslog.* /usr/adm/log.syslog [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 20, curClient = 1 [DEBUG (client 0001 [1])]: facility = syslog [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging syslog.* to: /w00w00/logs/SSS/clients/0001/1/log.syslog [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: user.* /usr/adm/log.user [DEBUG (client 0001 [1])]: parsing line: user.* /usr/adm/log.user [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 21, curClient = 1 [DEBUG (client 0001 [1])]: facility = user [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging user.* to: /w00w00/logs/SSS/clients/0001/1/log.user [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: uucp.* /usr/adm/log.uucp [DEBUG (client 0001 [1])]: parsing line: uucp.* /usr/adm/log.uucp [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 22, curClient = 1 [DEBUG (client 0001 [1])]: facility = uucp [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging uucp.* to: /w00w00/logs/SSS/clients/0001/1/log.uucp [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: lpr.* /usr/adm/log.lpr [DEBUG (client 0001 [1])]: parsing line: lpr.* /usr/adm/log.lpr [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 23, curClient = 1 [DEBUG (client 0001 [1])]: facility = lpr [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging lpr.* to: /w00w00/logs/SSS/clients/0001/1/log.lpr [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: news.* /usr/adm/log.news [DEBUG (client 0001 [1])]: parsing line: news.* /usr/adm/log.news [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 24, curClient = 1 [DEBUG (client 0001 [1])]: facility = news [DEBUG (client 0001 [1])]: current seperator = . [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging news.* to: /w00w00/logs/SSS/clients/0001/1/log.news [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: *.* /usr/adm/alljunk [DEBUG (client 0001 [1])]: parsing line: *.* /usr/adm/alljunk [DEBUG (client 0001 [1])]: (in parseSysConf) curlogfd = 25, curClient = 1 [DEBUG (client 0001 [1])]: facility = * (all facilities) [DEBUG (client 0001 [1])]: priority = * (all priorities) [DEBUG (client 0001 [1])]: current seperator = 0x9 (in hex) [DEBUG (client 0001 [1])]: dataptr = / [DEBUG (client 0001 [1])]: logging *.* to: /w00w00/logs/SSS/clients/0001/1/alljunk [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # [DEBUG (client 0001 [1])]: parsing line: # [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # This might work instead to log on a remote host: [DEBUG (client 0001 [1])]: parsing line: # This might work instead to log on a remote host: [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: # * @hostname [DEBUG (client 0001 [1])]: parsing line: # * @hostname [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: END SYSLOG.CONF [DEBUG (client 0001 [1])]: ----- END PARSE SYSLOG.CONF ----- [DEBUG (client 0001 [1])]: sending the following to the client: SUCCESSFUL logging [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/pipe.log-pipe.log, for *.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/messages, for *.info [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/messages, for *.notice [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/messages, for *.warn [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/messages, for mail.none [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/debug, for *.debug [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/syslog, for *.warn [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/syslog, for *.crit [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/syslog, for *.panic [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/tty13, for *.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/wall.log, for *.panic [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/shok-user.log, for *.err [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/root-user.log, for *.err [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/notik-user.log, for *.err [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.auth for auth.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.cron for cron.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.daemon, for daemon.notice [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.kern, for kern.info [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.mail for mail.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.mark for mark.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.syslog for syslog.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.user for user.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.uucp for uucp.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.lpr for lpr.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/log.news for news.* [DEBUG (client 0001 [1])]: /SSS/clients/0001/1/alljunk, for *.* [DEBUG (client 0001 [1])]: now finished with syslog.conf... [DEBUG (client 0001 [1])]: (in procData) waiting for next instruction [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: START STREAM [DEBUG (client 0001 [1])]: received request to start streaming... [DEBUG (client 0001 [1])]: (in readStream) waiting for client's logs.. [DEBUG (client 0001 [1])]: receiving data... Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: STREAM: <38>Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: (in readStream).. the data is: STREAM: <38>Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: facility = 4, priority = 6 [DEBUG (client 0001 [1])]: facility = auth, priority = info [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/pipe.log-pipe.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/messages: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/syslog: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/tty13: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/wall.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/shok-user.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/root-user.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/notik-user.log: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/log.auth: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/alljunk: Oct 4 07:26:09 PAM_pwdb[1815]: (su) session opened for user notik by root(uid=515) [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: STREAM: <38>Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: (in readStream).. the data is: STREAM: <38>Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: facility = 4, priority = 6 [DEBUG (client 0001 [1])]: facility = auth, priority = info [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/pipe.log-pipe.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/messages: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/syslog: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/tty13: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/wall.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/shok-user.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/root-user.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/notik-user.log: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/log.auth: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: writing the following to /w00w00/logs/SSS/clients/0001/1/alljunk: Oct 4 07:26:10 PAM_pwdb[1815]: (su) session closed for user notik [DEBUG (client 0001 [1])]: receiving data... [ERROR (pid 1809)]: received a signal to abort in sighandler.. signal was 2 [ERROR (pid 1809)]: received abort request... [DEBUG (pid 1809)]: closing sockets [DEBUG (pid 1809)]: detaching shared memory [DEBUG (pid 1809)]: killing the client hander (pid 1814)... ID 0001 [DEBUG (client 0001 [1])]: closing sockets [DEBUG (client 0001 [1])]: closing log files [DEBUG (client 0001 [1])]: detaching shared memory ---------------------------------------------- SSS [server] restarted on: Sun Oct 4 08:16:52 1998 [DEBUG (pid 1913)]: running in debug mode.. not forking/daemonizing [DEBUG (pid 1913)]: (in getSSSuser) parsing line: # This was generate automatically be SSS setup.sh [DEBUG (pid 1913)]: (in getSSSuser) parsing line: # Do not modify [DEBUG (pid 1913)]: (in getSSSuser) parsing line: [DEBUG (pid 1913)]: (in getSSSuser) parsing line: sss [DEBUG (pid 1913)]: local timezone: MST [DEBUG (pid 1913)]: next client will get clients[0] [DEBUG (pid 1913)]: now waiting for a new client to connect.. [DEBUG (pid 1913)]: sending the following to the client: SUCCESSFUL connect [DEBUG (pid 1913)]: receiving data... [DEBUG (pid 1913)]: data received from the client [DEBUG (pid 1913)]: data is: ID 0001 [DEBUG (pid 1913)]: (in procData) ID part.. data is: ID 0001 [DEBUG (client 0001)]: sending random challenge to client.. [DEBUG (client 0001)]: sending the following to the client: VERIFY 2029028195 [DEBUG (client 0001)]: receiving data... [DEBUG (client 0001)]: data received from the client [DEBUG (client 0001)]: data is: VERIFY 2029028195 [DEBUG (client 0001)]: client successfully verified... [DEBUG (client 0001)]: sending the following to the client: SUCCESSFUL verification [DEBUG (client 0001 [1])]: current sub-ID for ID 0001 = 1 [DEBUG (client 0001 [1])]: now forking a child to handle the client [DEBUG (client 0001 [1])]: clients[0].pid = 1934 [DEBUG (client 0001 [1])]: getting a new shared memory ID [DEBUG (client 0001 [1])]: attaching the shared memory segment [DEBUG (client 0001 [1])]: removing the shared memory ID [DEBUG (client 0001 [1])]: creating /var/log/SSS [DEBUG (client 0001 [1])]: creating /var/log/SSS/clients [DEBUG (client 0001 [1])]: creating /var/log/SSS/clients/0001 [DEBUG (client 0001 [1])]: (in createDirs) numSubIDs = 1 [DEBUG (client 0001 [1])]: creating /var/log/SSS/clients/0001/1 [DEBUG (client 0001 [1])]: (in procData) waiting for next instruction [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: VERS [DEBUG (client 0001 [1])]: sending the client the current versions... [DEBUG (client 0001 [1])]: sending the following to the client: CVER 1, SVER 1 [DEBUG (client 0001 [1])]: (in procData) waiting for next instruction [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: SERVLIST [DEBUG (client 0001 [1])]: sending client the streaming server list... [DEBUG (client 0001 [1])]: sending the following to the client: SERV localhost [DEBUG (client 0001 [1])]: sending the following to the client: SERV prodigy.repsec.com [DEBUG (client 0001 [1])]: sending the following to the client: SERV enigma.repsec.com [DEBUG (client 0001 [1])]: sending the following to the client: DONE [DEBUG (client 0001 [1])]: (in procData) waiting for next instruction [DEBUG (client 0001 [1])]: receiving data... [DEBUG (client 0001 [1])]: data received from the client [DEBUG (client 0001 [1])]: data is: QUIT [DEBUG (client 0001 [1])]: closing sockets [DEBUG (client 0001 [1])]: closing log files [DEBUG (client 0001 [1])]: detaching shared memory
Current thread:
- SRS (Secure Remote Streaming): a secure Unix syslog Matt Conover (Jan 11)