[OpenAFS] Question
Douglas E. Engert
deengert@anl.gov
Fri, 11 Dec 2009 08:32:32 -0600
This is a multi-part message in MIME format.
--------------090204080203070906030506
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Jaime Cifuentes wrote:
> My customer is planning a migration of OpenAFS to a different filesystem
> platform and is requesting information about when was the last time
> usernames accessed AFS. We use "kas" as an authentication method and I
> have not found any way to display that information. Is there such a
> possibility? We can find when the password was last changed with "kas
> e", but is all I can see.
As Russ pointed out its in the logs, at least for the last few weeks.
Look at the attached script that will show by host kas access and last access.
>
> Jaime Cifuentes
> DCE/DFS-AFS Support, Hitachi
>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
--------------090204080203070906030506
Content-Type: text/plain;
name="get.klog.stats.sh"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="get.klog.stats.sh"
#!/bin/bash
# get klog stats for selected users
#
# option $1 old get last weeks AuthLog.old
#
#
LOG=/tmp/get.klog.stats.log
TMP=/tmp/get.klog.stats.tmp
# $1 is hex string like 928960a0
# HOST is set the hostname
HexIpToHost()
{
local UADDR
local DADDR
UADDR=`echo "$1" | tr "[a-f]" "[A-F]"`
DADDR=`echo "ibase=16; a=$UADDR; " \
"d=a%100; a=/100; c=a%100; a=/100; b=a%100; a=/100;"\
"a;b;c;d"| bc | sed -e 'N;N;N;s/\n/./g'`
HOST=`dig +short -x $DADDR | sed -e 's/[.]$//'`
}
####### MAIN #######
if [ "X$1" = "Xold" ] ; then
LOGVER=".old"
fi
LOG=/tmp/get.klog.stats$LOGVER.log
TMP=/tmp/get.klog.stats$LOGVER.tmp
rm $LOG 2>/dev/null
rm $TMP 2>/dev/null
touch $LOG
# | sed -e 's?^\([^ ]* [^ ]* \) \([0-9]\)?\10\2/' \
# -e 's?^\([^ ]* [^ ]* \) \([0-9]\)?\10\2/' >> $LOG
AFSSERVERS="list of your AFS database servers"
for S in $AFSSERVERS
do
bos getlog $S AuthLog$LOGVER > /tmp/dee.test.$S
bos getlog $S AuthLog$LOGVER | grep ",afs:[a-z][a-z][a-z][a-z] from" \
| sed \
-e 's?^\([^ ]* [^ ]* \) \([0-9]\)?\10\2?' \
-e 's?^\([^ ]* \)Jan ?\101 ?' \
-e 's?^\([^ ]* \)Feb ?\102 ?' \
-e 's?^\([^ ]* \)Mar ?\103 ?' \
-e 's?^\([^ ]* \)Apr ?\104 ?' \
-e 's?^\([^ ]* \)May ?\105 ?' \
-e 's?^\([^ ]* \)Jun ?\106 ?' \
-e 's?^\([^ ]* \)Jul ?\107 ?' \
-e 's?^\([^ ]* \)Aug ?\108 ?' \
-e 's?^\([^ ]* \)Sep ?\109 ?' \
-e 's?^\([^ ]* \)Oct ?\110 ?' \
-e 's?^\([^ ]* \)Nov ?\111 ?' \
-e 's?^\([^ ]* \)Dec ?\112 ?' \
-e 's?^\([^ ]*\) \([^ ]*\) \([^ ]*\) \([^ ]*\) \([^ ]*\)?\5/\2/\3-\4 \1?'
done \
| sort > $LOG
# $1 is hex string like 928960a0
# HOST is set the hostname
HexIpToHost()
{
local UADDR
local DADDR
UADDR=`echo "$1" | tr "[a-f]" "[A-F]"`
DADDR=`echo "ibase=16; a=$UADDR; " \
"d=a%100; a=/100; c=a%100; a=/100; b=a%100; a=/100;"\
"a;b;c;d"| bc | sed -e 'N;N;N;s/\n/./g'`
HOST=`dig +short -x $DADDR | sed -e 's/[.]$//'`
}
grep ",afs:" $LOG | sed \
-e 's/^.* \([^ ,]*\),afs:.* from \([0-9a-f]*\)$/\1 \2/' \
| sort | uniq -c > $TMP
while read COUNT NAME HADDR ; do
HexIpToHost $HADDR
LAST=`grep "$NAME,afs:.* from $HADDR" <$LOG\
| tail -1 | sed -e 's/^\(.*\)'$NAME',afs:.*$/\1/'`
printf "%5s %-15s %s %-25s %s\n" $COUNT $NAME $HADDR $HOST "$LAST"
done < $TMP
--------------090204080203070906030506--