[osiris-devel] monitoring host state
Alexei Roudnev
Alexei_Roudnev at exigengroup.com
Wed Feb 18 18:06:06 EST 2004
Brian.
What do you think, if we add 'system authentication' into the osiris? I
mean - for WinNT, I can write out code, allowing to use NT user names /
passwords instead of internal data base (so that you can configure 'require
group xxx'); for Unix, you can use pam (at least, in theory).
Now, I have some problems with access / authentication. One is _no system
authentication allowed_, other _I can not restrict user to some hosts or
some operations only_. This are minor problems, but they do exists.
Alex
>
> checkout -r rel_3_dev
>
> On Jan 6, 2004, at 2:52 PM, Alexei Roudnev wrote:
>
> > Hmm, NT.. I think I have (yet) 1 NT. I'll try to verify (btw, virtusl
> > machines can be a good choice for testing).
> >
> > Which version - 3.0?
> >
> > ----- Original Message -----
> > From: "Brian Wotring" <brian at shmoo.com>
> > To: "Osiris Developers" <osiris-devel at lists.shmoo.com>
> > Sent: Tuesday, January 06, 2004 12:46 PM
> > Subject: Re: [osiris-devel] monitoring host state
> >
> >
> >>
> >> I've only tested this on Windows 2000. If you could verify this on NT
> >> and XP, that would be really helpful.
> >>
> >> On Jan 6, 2004, at 1:39 PM, Alexei Roudnev wrote:
> >>
> >>> Excellent - if it works -:).
> >>>
> >>> Where (which OS) did you tested it already?
> >>>
> >>> ----- Original Message -----
> >>> From: "Brian Wotring" <brian at shmoo.com>
> >>> To: "Osiris Developers" <osiris-devel at lists.shmoo.com>
> >>> Sent: Tuesday, January 06, 2004 6:02 AM
> >>> Subject: Re: [osiris-devel] monitoring host state
> >>>
> >>>
> >>>>
> >>>> The user entry for Windows now contains a list of groups that user
> >>>> is
> >>>> a
> >>>> member of.
> >>>>
> >>>> On Jan 5, 2004, at 1:05 PM, Alexei_Roudnev wrote:
> >>>>
> >>>>> For Windows, you need to monitor, at least,
> >>>>>
> >>>>> Users, 'Member Of', with names insted of group SID. I can find a
> >>>>> code,
> >>>>> which allowed to extract such information (I wrote it in past -
> >>>>> user,
> >>>>> list
> >>>>> of groups).
> >>>>>
> >>>>> It is not excellent, but works.
> >>>>>
> >>>>>
> >>>>> ----- Original Message -----
> >>>>> From: "Brian Wotring" <brian at shmoo.com>
> >>>>> To: "Osiris Developers" <osiris-devel at lists.shmoo.com>
> >>>>> Sent: Monday, January 05, 2004 11:38 AM
> >>>>> Subject: [osiris-devel] monitoring host state
> >>>>>
> >>>>>
> >>>>>>
> >>>>>> Here is what we have so far. I'm mostly concerned with the lack
> >>>>>> of
> >>>>>> any
> >>>>>> significant attributes on the Windows side. If anyone knows of
> >>>>>> any
> >>>>>> way
> >>>>>> to expand this, now is the time.
> >>>>>>
> >>>>>> unix users: name,uid,gid,gecos,home,shell
> >>>>>> windows users: name, privs, home, flags, auth_flags
> >>>>>>
> >>>>>> unix groups: group,gid
> >>>>>>
> >>>>>> For Windows, only the name. The LOCAL_GROUP_INFO structure
> >>>>>> contains
> >>>>>> only the name and the comment field. Getting the gid and other
> >>>>>> attributes requires using NetGroupEnum(), which I have found to be
> >>>>>> unreliable for listing local group information.
> >>>>>>
> >>>>>> linux kmods: same as output from lsmod
> >>>>>> darwin kexts: same as output from kextstat
> >>>>>> windows kmods (services): name, display_name, status (types
> >>>>>> SERVICE_WIN32)
> >>>>>>
> >>>>>> --
> >>>>>> Brian Wotring ( brian at shmoo.com )
> >>>>>> PGP KeyID: 0x9674763D
> >>>>>>
> >>>>>> _______________________________________________
> >>>>>> osiris-devel mailing list
> >>>>>> osiris-devel at lists.shmoo.com
> >>>>>> https://lists.shmoo.com/mailman/listinfo/osiris-devel
> >>>>>>
> >>>>>
> >>>>> _______________________________________________
> >>>>> osiris-devel mailing list
> >>>>> osiris-devel at lists.shmoo.com
> >>>>> https://lists.shmoo.com/mailman/listinfo/osiris-devel
> >>>>>
> >>>>>
> >>>> --
> >>>> Brian Wotring ( brian at shmoo.com )
> >>>> PGP KeyID: 0x9674763D
> >>>>
> >>>> _______________________________________________
> >>>> osiris-devel mailing list
> >>>> osiris-devel at lists.shmoo.com
> >>>> https://lists.shmoo.com/mailman/listinfo/osiris-devel
> >>>>
> >>> _______________________________________________
> >>> osiris-devel mailing list
> >>> osiris-devel at lists.shmoo.com
> >>> https://lists.shmoo.com/mailman/listinfo/osiris-devel
> >>>
> >>>
> >> --
> >> Brian Wotring ( brian at shmoo.com )
> >> PGP KeyID: 0x9674763D
> >>
> >> _______________________________________________
> >> osiris-devel mailing list
> >> osiris-devel at lists.shmoo.com
> >> https://lists.shmoo.com/mailman/listinfo/osiris-devel
> >>
> >
> > _______________________________________________
> > osiris-devel mailing list
> > osiris-devel at lists.shmoo.com
> > https://lists.shmoo.com/mailman/listinfo/osiris-devel
> >
> >
> --
> Brian Wotring ( brian at shmoo.com )
> PGP KeyID: 0x9674763D
>
> _______________________________________________
> osiris-devel mailing list
> osiris-devel at lists.shmoo.com
> https://lists.shmoo.com/mailman/listinfo/osiris-devel
>
More information about the osiris-devel
mailing list