OpenLDAP 审计日志覆盖模块未在 Debian 上加载

Question

我认为应该是olcAuditlogConfig。至少这是在添加审计日志覆盖后在架构中定义的内容：

# cat << EOF | ldapmodify -Y EXTERNAL -H ldapi://
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: auditlog.la
EOF

并使用以下命令进行搜索

# ldapsearch -QY EXTERNAL -H ldapi:// -b cn=subschema -s base + | grep -i olcauditlogconfig

显示了的架构条目olcAuditlogConfig：

objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.3.15.1
NAME 'olcAuditlogConfig'
DESC 'Auditlog configuration'
SUP olcOverlayConfig STRUCTURAL
MAY olcAuditlogFile )

然后使用正确的权限创建日志文件：

touch /var/log/auditlog.ldif
chown openldap:openldap /var/log/auditlog.ldif

并添加审计日志配置：

# cat << EOF | ldapmodify -Y EXTERNAL -H ldapi://
dn: olcOverlay={0}auditlog,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcAuditlogConfig
olcOverlay: {0}auditlog
olcAuditlogFile: /var/log/auditlog.ldif
EOF

cn=config在全新安装slapd（Debian 9.4 Stretch，slapd 2.4.44+dfsg-5+deb9u1）时，结果如下：

# slapcat -n 0 -o ldif-wrap=no
...

dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_mdb
olcModuleLoad: {1}auditlog.la
structuralObjectClass: olcModuleList
...

dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /var/lib/ldap
...

dn: olcOverlay={0}auditlog,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcAuditlogConfig
olcOverlay: {0}auditlog
olcAuditlogFile: /var/log/auditlog.ldif
structuralObjectClass: olcAuditlogConfig

Answer 1

我认为应该是olcAuditlogConfig。至少这是在添加审计日志覆盖后在架构中定义的内容：

# cat << EOF | ldapmodify -Y EXTERNAL -H ldapi://
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: auditlog.la
EOF

并使用以下命令进行搜索

# ldapsearch -QY EXTERNAL -H ldapi:// -b cn=subschema -s base + | grep -i olcauditlogconfig

显示了的架构条目olcAuditlogConfig：

objectClasses: ( 1.3.6.1.4.1.4203.1.12.2.4.3.15.1
NAME 'olcAuditlogConfig'
DESC 'Auditlog configuration'
SUP olcOverlayConfig STRUCTURAL
MAY olcAuditlogFile )

然后使用正确的权限创建日志文件：

touch /var/log/auditlog.ldif
chown openldap:openldap /var/log/auditlog.ldif

并添加审计日志配置：

# cat << EOF | ldapmodify -Y EXTERNAL -H ldapi://
dn: olcOverlay={0}auditlog,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcAuditlogConfig
olcOverlay: {0}auditlog
olcAuditlogFile: /var/log/auditlog.ldif
EOF

cn=config在全新安装slapd（Debian 9.4 Stretch，slapd 2.4.44+dfsg-5+deb9u1）时，结果如下：

# slapcat -n 0 -o ldif-wrap=no
...

dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib/ldap
olcModuleLoad: {0}back_mdb
olcModuleLoad: {1}auditlog.la
structuralObjectClass: olcModuleList
...

dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /var/lib/ldap
...

dn: olcOverlay={0}auditlog,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcAuditlogConfig
olcOverlay: {0}auditlog
olcAuditlogFile: /var/log/auditlog.ldif
structuralObjectClass: olcAuditlogConfig

OpenLDAP 审计日志覆盖模块未在 Debian 上加载

答案1

相关内容