Red Hat / Fedora :: Capture Blank Field In /var/log/secure
Jan 7, 2011
An unsuccessful login via a tty by a known user and an unknown user will generate an almost exact line in /var/log/secure with the exception of the last field. To see this specifically do Ctrl-Alt-F2, for example. Now login with a known user and log out. Next attempt a login with a bogus user name which fails. Go back to your GUI enviroment (Ctrl-Alt-F7) and then tail /var/log/secure. For the known user the last field will be "user=some_name_here. The unknown user will not have a "user=" field.
How do I capture the two via different variables in bash?
For example: KNOWN_USER=`syntax that finds the user= field.` echo There is a user= field and the user is mmouse.
UNKNOWN_USER=`syntax that does NOT find the user= field` echo There is NO user= field and an unknown user tried to login.
If been exploring using sed to grab (or not grab) that last field, but haven't hit upon the right syntax yet.
I've just installed FC12 on my nettop and I've notice that when I go to "system -> network" the hostname is "Fedora001". When I ping its IP I get "new-host.home". What did I do or didn't do? How do I correct this? Do I need to change it in the "hostname" file?Also, can I leave "domain" field blank?
I made a fresh install of Lucid, but I miss under status widget that controls the pidgin's status in the top panel near turn off button, a blank field where you can type in your personal status message. Like one in the attachment below. What am I actually missing?
I've had a very colorful morning learning the innerparts of Linux's sort command, and have come across yet another issue that I can't seem to find an answer for in the documentation. I'm currently using -t, to indicate that my fields are split by the comma character, but I'm finding that in some of my files, the comma is used (between double-quotes) within values:
Jonathan Sampson,,foo@bar.com,0987654321 "Foobar CEO,","CEO,",ceo@foobar.com,,
How can I use a comma to terminate my fields, but ignore the occurences of it within values? Is this fairly simple, or do I need to re-export all of my data using a more-foreign field-terminator? (Unfortunately, I do not have any control over declaring a different terminator with this particular project).
I'm trying to display fields from flat files where the first 8 fields are always the same. Fields 9 - n are varied but will contain specific patterns I'm after. I'm using this so far because "mySearch" is on each line I want to examine.
Code:
How would you pattern match and include 2 additional fields above field $9 but change field position from line to line?
I am creating a game with random variables. In the game I have created a dialogue exchange to players. I have set up a table with various returns and I inserted {$fields} to represent various random variables. When I call on the requested fields, I only see the field text and my field names. Am I supposed to parse something and call it back another way?
ie: myfield is: "You have won {$random1} silver! <br />{$wi['gender'] majesty rewards you well." the code I am using to call that field is:
I have searched far and wide but could not seem to find a way to prevent GDM from hiding the password field. I am the only user of my laptop, to login I first need to click the login name to show the password field and then I can enter the password. I would like to have the password field always visible and have focus.
I'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers.I'm told that the IT security team deemed sendmail too vulnerable so we don't run it.Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.
Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is No need/desire to receive mail from outside.
Anyone know what the extra . (dot) in the permissions field is in the output of ls -la in FC11? A permissions field is normally 10 bytes, whats with the dot, a man an info on ls caused nothing obvious to jump out at me. A eleven byte perm field now with a trailing dot insead of the normal ten byte field
[root@osprey mark]# uname -a Linux osprey 2.6.29.5-191.fc11.i686.PAE #1 SMP Tue Jun 16 23:19:53 EDT 2009 i686 i686 i386 GNU/Linux [root@osprey mark]# ls -la / total 110 drwxr-xr-x. 23 root root 4096 2009-07-17 20:56 . drwxr-xr-x. 23 root root 4096 2009-07-17 20:56 .. -rw-r--r--. 1 root root 0 2009-07-17 20:56 .autofsck
I installed fedora lastnight, but any addresses I type in the field is returning server error, but if I type the IP address it will work, I reinstalled Fedora 11 about 3 times, samething.
I'm having problems with the screen capture utility in Fedora 11. Everytime i capture a screenshot, it looks like this:[url]
I've tried turning off Compiz, but that doesn't do anything. I suspect it may have something to do with the kms (I have an Intel 82855/855GM, which has had issues in beta).
I wonder if there is the possibility of getting to press any key and the F6 for example, Fedora starts up a screenshot, equal to application "form screen capture image" in the menu acessories .. The problem is that if I want to do this I have to be opening up the application every time .. and I like to do with was fast, just by clicking F6 or printscreen for example ..
I'm trying to get skype going in Fedora 12 KDE x86_64 (fully updated). I did some testing with and without the pulseaudio server installed. With the pulseaudio, I didn't manage at all. I know I got it working before _without_ pulseaudio, but after a yum update the pulseaudio got reinstalled and the mic stopped working. Now I traced this problem down to what I think is wrong: I have a HDA Intel sound card, but 'cat /proc/asound/devices', doesn't show me any analog capture input at all:
I just upgrade to F12 from F10 and having problem with Skype mic audio. it was working well with F10 before.
I have try to plug in a mic for internal sound card and using external USB headse, both sources could not capture my mic audio. I try to use Gnome Volume preference to select the source and it makes no different. I also noticed the output volume is low on USB headset too
Just get it working on playing with Gnome Volume preference. I find that on headset input and output audio, I have to crank it up to 100% range to get it working. Volume control seems to be useful from 80-100% Problem solved, hope pulseaudio would improve the volume control
I am relatively new to using awk. I have a file with 10 identical lines. The last field in each line is a numeric. I want to check each of these lines and if the last field is greater than 500, I want to capture the line and send it in an e-mail. I know how to do this with a single line, but I don't know how to step through all 10 lines.
I basically want to record audio streams. The most useful purpose is to record conversations on skype (and other applications). This is for a legitimate reason if anyone is worried; I often have long conference calls on skype (an another voip collaborative tool called EVO), and a recording would be a nice way to keep minutes and participate in the working meeting. I'm not worried about capturing video yet. The audio is the important for me for now. This is going to display my woeful ignorance of Linux audio systems. I'm running F12 x86_64 on a Dell inspiron laptop. I believe that the system is using the PulseAudio sound server.
I thought something like: ffmpeg -f oss -i /dev/dsp sample.mp3 Could work, but I don't have a /dev/dsp. I think these are in a separate directory /dev/snd; however the content of this directory is not clear which device is the appropriate one. I tried pointing ffmpeg to a few of them, but it resulted in errors thus: /dev/snd/hwC0D0: no such file or directory I know it's there because [tab] complete. I found another alternative which uses parec. parec --format=s16le --rate=44100 -channels=2 sample.raw
Unfortunately this only records the microphone input and not everything else going through my sound server. I wish I could find the link again, but there was a third alternative which required writing a bit of C code. I thought that could be a nice little project to better acquaint myself with this stuff.
I'm trying to record my desktop and tested some solutions. While I was impressed how small .mng files could be, it is a disadvantage that I can't capture audio with it and many users won't be able to open these (browser / Windows). I have been very impressed by the xvidcap instruction videos: 4:30 in only 9MB, which makes 180MB for 90 minutes. This would be suitable. With Camtasia my professor even records 90min in 100MB. The problem is that xvidcap hasn't been updated since 2006 and seems to be dead. RecordMyDesktop needs 6MB for 1 minute or 540MB for 90 minutes, which is too much. Could anybody give me some hints on how to capture very small video files, which are still clear enough to read text in a format most users can open? It would also be cool to be able to show specific PDF or HTML pages synchronised to the video.
My laptop is Fujitsu PA 1510. I am unable to record sound with my microphone. I can hear myself talking crystal clear through speakers and the input sliders move on sound preferences. But when I try to record something, my voice is really quiet and there is lots of distortion and buzzing.
Code: #cat /proc/asound/* cat: /proc/asound/card0: Is a directory 0 [SB ]: HDA-Intel - HDA ATI SB HDA ATI SB at 0xc0000000 irq 16 1: : sequencer
In the upcoming days I will be formatting my F14 box and switching to F15. Now I have offered a friend to use some of my storage (8TB) as a ackup for her personal files/photos. I want to set it up so that she can be sure she is the only one having acces to it (so not even I can read them as root).How can I set this up. encryption? account configuration?
Most likely she will upload via secure FTP.She trusts me, but I want to provide her with the piece of mind that it is not accessible by anyone but her.
Are the default firewall settings of F10 without any modification, sufficiently secure for general usage and to bridge the timeframe between a fresh installation of F10 and the time before the security updates are applied?imilar to how Windows firewall is set without any configuration, or do I need manually configure it to be somewhat secure, or something like Firestarter.
incoming connections are not being reported to my /var/log/secure. I can't see if people are trying to connect. I can't troubleshoot because I can't do anything.
