| 1 |
Alex Schuster <wonko <at> wonkology.org> writes: |
| 2 |
|
| 3 |
|
| 4 |
> > When you run kde-4 on gentoo and use the kde-login-manager app |
| 5 |
> > are the login sessions recorded into a permanent or temporary file? |
| 6 |
|
| 7 |
> If you want to know, who is logged in and when someone logged in, check |
| 8 |
> the man page for utmp / wtmp. These files are not human readable indeed, |
| 9 |
> but you can use the 'who' or 'w' command to see who is currently logged |
| 10 |
> in, and the last command to see when someone logged in. The 2nd column |
| 11 |
> shows where the login came from (and the 3rd from where), it displays |
| 12 |
> 'ssh' when someone logged in via ssh. ':0' means someone started a login |
| 13 |
> on the first X display. Probably using KDE4, but it may be any |
| 14 |
> other window manager. So I have no answer to your question about KDE |
| 15 |
> logins. And I don't knwo if the feature you are looking for exists at all. |
| 16 |
|
| 17 |
> Maybe you can hack /usr/share/config/kdm/Xsession, to add an entry in |
| 18 |
> some log file in case KDE is being started. |
| 19 |
|
| 20 |
I was looking for the login record, like what last provides, |
| 21 |
specific for all login attempts, successful or not. |
| 22 |
I was hoping to capture (grep - whatever) attempted login |
| 23 |
sessions that failed, mostly from kde-4, but ssh failed sessions |
| 24 |
would be ok too. But login failure are the target of what |
| 25 |
I'm really looking for, for systems that each maintain there |
| 26 |
own password file on a given network. |
| 27 |
|
| 28 |
I guess I'd need some security wrapper app that looks for and |
| 29 |
logs this sort of information explicitly for analysis... |
| 30 |
Maybe a separate app, one for ssh_fail and one for kde_mgr_fail. |
| 31 |
|
| 32 |
Anyone got any suggestions? |
| 33 |
|
| 34 |
James |
Archives