[OpenAFS] Question
Brian Sebby
sebby@anl.gov
Fri, 11 Dec 2009 11:21:34 -0600
Note that in order to get full listings of every authentication, you need
to run kaserver with the "-debug" option. Once you do that, it will log
every authentication into AuthLog.
If you don't have -debug, you probably won't have past data, but once you
restart, it'll work.
If you do a "bos status <db server> kaserver -long", you should see:
Instance kaserver, (type is simple) currently running normally.
Process last started at Wed Dec 9 21:45:24 2009 (1 proc starts)
Command 1 is '/usr/afs/bin/kaserver -debug'
Brian
On Fri, Dec 11, 2009 at 08:32:32AM -0600, Douglas E. Engert wrote:
>
>
> Jaime Cifuentes wrote:
> >My customer is planning a migration of OpenAFS to a different filesystem
> >platform and is requesting information about when was the last time
> >usernames accessed AFS. We use "kas" as an authentication method and I
> >have not found any way to display that information. Is there such a
> >possibility? We can find when the password was last changed with "kas
> >e", but that is all I can see.
>
> As Russ pointed out, it's in the logs, at least for the last few weeks.
> Look at the attached script that will show by host kas access and last
> access.
>
>
>
> >
> >Jaime Cifuentes
> >DCE/DFS-AFS Support, Hitachi
> >
>
> --
>
> Douglas E. Engert <DEEngert@anl.gov>
> Argonne National Laboratory
> 9700 South Cass Avenue
> Argonne, Illinois 60439
> (630) 252-5444
> #!/bin/bash
> # get klog stats for selected users
> #
> # option: pass "old" as $1 to read last week's AuthLog.old
> #
> #
>
> LOG=/tmp/get.klog.stats.log
> TMP=/tmp/get.klog.stats.tmp
>
> # $1 is hex string like 928960a0
> # HOST is set to the hostname
> HexIpToHost()
> {
> local UADDR
> local DADDR
>
> UADDR=`echo "$1" | tr "[a-f]" "[A-F]"`
> DADDR=`echo "ibase=16; a=$UADDR; " \
> "d=a%100; a=/100; c=a%100; a=/100; b=a%100; a=/100;"\
> "a;b;c;d"| bc | sed -e 'N;N;N;s/\n/./g'`
> HOST=`dig +short -x $DADDR | sed -e 's/[.]$//'`
> }
>
> ####### MAIN #######
> if [ "X$1" = "Xold" ] ; then
> LOGVER=".old"
> fi
> LOG=/tmp/get.klog.stats$LOGVER.log
> TMP=/tmp/get.klog.stats$LOGVER.tmp
>
> rm $LOG 2>/dev/null
> rm $TMP 2>/dev/null
> touch $LOG
>
> # | sed -e 's?^\([^ ]* [^ ]* \) \([0-9]\)?\10\2/' \
> # -e 's?^\([^ ]* [^ ]* \) \([0-9]\)?\10\2/' >> $LOG
> AFSSERVERS="list of your AFS database servers"
> for S in $AFSSERVERS
> do
> bos getlog $S AuthLog$LOGVER > /tmp/dee.test.$S
> bos getlog $S AuthLog$LOGVER | grep ",afs:[a-z][a-z][a-z][a-z] from" \
> | sed \
> -e 's?^\([^ ]* [^ ]* \) \([0-9]\)?\10\2?' \
> -e 's?^\([^ ]* \)Jan ?\101 ?' \
> -e 's?^\([^ ]* \)Feb ?\102 ?' \
> -e 's?^\([^ ]* \)Mar ?\103 ?' \
> -e 's?^\([^ ]* \)Apr ?\104 ?' \
> -e 's?^\([^ ]* \)May ?\105 ?' \
> -e 's?^\([^ ]* \)Jun ?\106 ?' \
> -e 's?^\([^ ]* \)Jul ?\107 ?' \
> -e 's?^\([^ ]* \)Aug ?\108 ?' \
> -e 's?^\([^ ]* \)Sep ?\109 ?' \
> -e 's?^\([^ ]* \)Oct ?\110 ?' \
> -e 's?^\([^ ]* \)Nov ?\111 ?' \
> -e 's?^\([^ ]* \)Dec ?\112 ?' \
> -e 's?^\([^ ]*\) \([^ ]*\) \([^ ]*\) \([^ ]*\) \([^ ]*\)?\5/\2/\3-\4 \1?'
> done \
> | sort > $LOG
>
> # $1 is hex string like 928960a0
> # HOST is set to the hostname
> HexIpToHost()
> {
> local UADDR
> local DADDR
>
> UADDR=`echo "$1" | tr "[a-f]" "[A-F]"`
> DADDR=`echo "ibase=16; a=$UADDR; " \
> "d=a%100; a=/100; c=a%100; a=/100; b=a%100; a=/100;"\
> "a;b;c;d"| bc | sed -e 'N;N;N;s/\n/./g'`
> HOST=`dig +short -x $DADDR | sed -e 's/[.]$//'`
> }
>
>
> grep ",afs:" $LOG | sed \
> -e 's/^.* \([^ ,]*\),afs:.* from \([0-9a-f]*\)$/\1 \2/' \
> | sort | uniq -c > $TMP
>
> while read COUNT NAME HADDR ; do
>
> HexIpToHost $HADDR
>
> LAST=`grep "$NAME,afs:.* from $HADDR" <$LOG\
> | tail -1 | sed -e 's/^\(.*\)'$NAME',afs:.*$/\1/'`
>
> printf "%5s %-15s %s %-25s %s\n" $COUNT $NAME $HADDR $HOST "$LAST"
>
> done < $TMP
>
>
>
>
--
Brian Sebby (sebby@anl.gov) | Unix and Operation Services
Phone: +1 630.252.9935 | Computing and Information Systems
Fax: +1 630.252.4601 | Argonne National Laboratory
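
An added example, not part of the original thread or of the attached script: a POSIX shell/awk reduction of AuthLog lines to one row per user and client address, with a count and the last timestamp, decoding the hex address without bc or dig. The line layout is an assumption inferred from the sed patterns in the quoted script, the function names are hypothetical, and the sample lines are constructed.

```sh
#!/bin/sh
# Added example: per-principal, per-client summary of kaserver AuthLog lines.
# Assumed layout (inferred from the sed patterns in the quoted script):
#   Day Mon DD HH:MM:SS YYYY <text> <name>,afs:<text> from <8 hex digits>

# Constructed sample lines, not real log data; "EVENT" is a placeholder word.
sample_authlog() {
cat <<'EOF'
Wed Dec  9 21:50:01 2009 EVENT alice,afs:test from 928960a0
Thu Dec 10 08:15:42 2009 EVENT bob,afs:test from 928960a1
Fri Dec 11 07:02:10 2009 EVENT alice,afs:test from 928960a0
Fri Dec 11 07:05:00 2009 unrelated line without a principal
Tue Jan  5 09:00:00 2010 EVENT bob,afs:test from 928960a1
EOF
}

# Reads log lines on stdin; prints "count name dotted-ip last-stamp" per pair.
summarise_authlog() {
awk '
function hexval(c) { return index("0123456789abcdef", tolower(c)) - 1 }
# 928960a0 -> 146.137.96.160, same byte order as the bc step in the script.
function hex2ip(h,    i, ip) {
    ip = ""
    for (i = 1; i <= 7; i += 2)
        ip = ip (i > 1 ? "." : "") (hexval(substr(h, i, 1)) * 16 + hexval(substr(h, i + 1, 1)))
    return ip
}
BEGIN {
    split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", m, " ")
    for (i = 1; i <= 12; i++) mon[m[i]] = i
}
# Keep only lines that end in "<name>,afs:<text> from <8 hex digits>".
NF >= 8 && $NF ~ /^[0-9a-fA-F]+$/ && length($NF) == 8 && $(NF-1) == "from" && $(NF-2) ~ /,afs:/ {
    name = $(NF-2)
    sub(/,afs:.*/, "", name)
    # Sortable stamp YYYY/MM/DD-HH:MM:SS, so string comparison orders by time.
    stamp = sprintf("%04d/%02d/%02d-%s", $5, mon[$2], $3, $4)
    key = name " " hex2ip($NF)
    count[key]++
    if (stamp > last[key]) last[key] = stamp
}
END { for (k in count) print count[k], k, last[k] }
' | sort -k2,2 -k3,3
}

sample_authlog | summarise_authlog
```

Real input would come from "bos getlog <db server> AuthLog" as in the quoted script; lines that do not match the assumed layout are skipped.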