Closed
Bug 505331
Opened 15 years ago
Closed 15 years ago
LDAP server logs
Categories
(mozilla.org Graveyard :: Server Operations, task)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: gerv, Assigned: aravind)
Details
We would like to have a dormant accounts policy. This requires some mechanism for identifying dormant accounts. It is thought that the best way to implement this would be to write a cronned script which parsed the LDAP server logs once a day and kept a record of all the IDs it had seen. After six months, anyone not in the database would be considered dormant. Please can you supply me with some sample server logs (say, 4 days worth) and the other information I might need to write such a script (filenames, locations on disk etc.). Thanks :-) Gerv
Updated•15 years ago
|
Assignee: server-ops → aravind
Assignee | ||
Comment 1•15 years ago
|
||
I think it might be better to parse the secure log (/var/log/secure) from sshd to get this information that to comb though ldap logs. Those are generated for all kind of things, and sometimes they are not (when nscd caches stuff). If that works, I can get you a copy of that secure log file.
Reporter | ||
Comment 2•15 years ago
|
||
I'm happy to use whatever log file has the info in :-) Gerv
Comment 3•15 years ago
|
||
We support committing via HTTPS (for svn, at least), so SSH secure logs wouldn't show anybody who committed that way. Most of our web localizers do that, so we can't just ignore them.
Assignee | ||
Comment 4•15 years ago
|
||
For svn you could use the viewvc db to get that information? Come to think of it, couldn't you use that pushlog db information for mercurial? That way.. no log combing would be necessary.
Comment 5•15 years ago
|
||
(In reply to comment #4) > For svn you could use the viewvc db to get that information? Come to think of > it, couldn't you use that pushlog db information for mercurial? That way.. no > log combing would be necessary. For svn, as long as such a script has read access to the db, that might work. For Hg, there's no global pushlog db, so the script would have to access every pushlog db for every repo. I guess that's doable...
Assignee | ||
Comment 6•15 years ago
|
||
Gerv: Can I resolve this as wontfix? Do you need me to get you a sample pushlog db or do you have those locally? Also, the viewvc svn db should also be pretty easy to replicate locally.
Reporter | ||
Comment 7•15 years ago
|
||
Hmm. I guess using the visible logs would make it easier for me to run the script, and it does look like both Hg and SVN information is available publicly. The idea of using Hg pushlog sucks a bit because if there's no global pushlog I'd have to update the script every time we added a new repo. Unless I scraped a repo list off the website too. Although it is handy that pushlogs are available as Atom. The SVN info is indeed available from: http://viewvc.svn.mozilla.org/vc/?view=queryform And it's available in RSS. And I could scrape bonsai for CVS too. No RSS or Atom there, right? Gerv
Comment 8•15 years ago
|
||
Found alternate way to get info.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → WONTFIX
Updated•9 years ago
|
Product: mozilla.org → mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•