Tracking ANONYMOUS FTP

[Jerry M. Carlin]

In article <35673 at eerie.acsu.Buffalo.EDU> pjg at acsu.buffalo.edu (Paul Graham) writes:
>it appears (at least to me) with bsd+chroot systems you lose logging
>when the chroot happens for anon. connections.  does logging to a
>remote host solve this problem?  i just log to a file under ~ftp.

This was discussed in July. Here is the part of the posting I saved:

From: jik at athena.mit.edu (Jonathan I. Kamens)
Newsgroups: comp.unix.wizards
Subject: Re: syslog + chroot + ftpd
Date: 29 Jul 90 20:24:47 GMT

In article <LUIS.90Jul27181155 at lutetia.rice.edu>, luis at lutetia.rice.edu
(Luis Soltero) writes:
|> has anyone noticed that syslog stops logging when ftpd logs in an
|> anonymous ftp user?  i have tracked the problem to the chroot system
|> call

In /etc/rc.local do:

if [ -f /usr/etc/syslogd ]; then
	echo 'starting system logger'
	rm -f /dev/log /var/spool/ftp/dev/log
	syslogd
	ln /dev/log /var/spool/ftp/dev/log
fi

Future:

Both Guy and Dan are correct in essence about the cause of the
problem, which is (in more detail) that when the 4.3BSD syslog() sends
messages to /dev/log by doing a sendto() on an unconnected socket,
rather than doing connect() when openlog() is called so that the program
has an idea of where messages should be sent, even after a chroot().

The BSD networking release sources (and thus, I assume, the 4.4BSD
sources) solve this problem by doing a connect() to /dev/log the first
time logging is done (or when openlog() is called), so that the program
knows where to send messages even after the chroot().  If you can get
your hands on this version of the syslog library code (it may be
available on uunet.uu.net, or, if you have a BSD source license, you
should be able to get it from BSD), you can install it in your C library
and relink ftpd to get rid of the problem.

--
Jerry M. Carlin	(415) 823-2441 jmc at srv.pacbell.com
To dream the impossible dream. To fight the unbeatable foe.