This section provides the possible error messages for client and server authentication.
Errors in authentication are reported in the following log files:
Installation logs:
/var/adm/log
(Oracle Solaris only)
/var/log
(Oracle Linux only)
Configuration logs:
/var/adm/log
(Oracle Solaris only)
/var/log/SUNWut
(Oracle Linux only)
General log files:
/var/opt/SUNWut/log
/var/opt/SUNWut/srds/log
/var/opt/SUNWut/srds/replog
Messages logged into
/var/opt/SUNWut/log/messages
are delivered
through the syslog
service described in the
syslogd
man page. The general format of these
messages is:
timestamp thread_name message_class message
For example:
May 7 15:01:57 e47c utauthd: [ID 293833 user.info] Worker3 NOTICE: SESSION_OK pseudo.080020f8a5ee
Message components are defined as follows:
timestamp
format:
year
.month
.day
hours
:minutes
:seconds
thread_name
:
Worker# - Handles client authentication, access control, and session monitoring. Messages with the same thread name are related. The exception occurs when a Worker# thread disconnects a client and then purges the connection information from memory. After a Worker# DESTROY message, the next use of that Worker# thread name has no relation to previous uses of the thread name. In other words, thread names are reused.
SessionManager# - Communicates with
utsessiond
on behalf of a Worker#
thread.
AdminJobQ - Used in the implementation to wrap a library that would not otherwise be thread-safe.
CallBack# - Communicates with applications such as utload.
WatchID - Used to poll data or terminals from connections
Terminator - Cleans up terminal sessions
Group Manager - Main group manager thread
message_class
:
CLIENT_ERROR - Indicates unexpected behavior from a client. These messages can be generated during normal operation if a client is rebooted.
CONFIG_ERROR - Indicates a system configuration error. The Authentication Manager exits after this error is detected.
NOTICE - Indicates a normal event.
UNEXPECTED - Logs events or conditions that were not anticipated for normal operation but are not fatal.
DEBUG - Occurs only if explicitly enabled and is used by the development team. Debug messages can reveal session IDs, which must be kept secret to ensure proper security.
Table 11.3 Server and Client Authentication Error Message Examples
Error class | Message | Description |
---|---|---|
CLIENT_ERROR | ...Exception ... : cannot send keepAliveInf | Error encountered while attempting to send a keep-alive message to a client. |
...keepAlive timeout | A client has failed to respond within the allotted time. The session is being disconnected. | |
duplicate key: | Client does not properly implement the authentication protocol. | |
invalid key: | Client does not properly implement the authentication protocol. | |
CONFIG_ERROR | attempt to instantiate CallBack 2nd time. | Program error. |
AuthModule.load | Problem encountered while loading configuration module. | |
Cannot find module | Program or installation error. | |
NOTICE | "discarding response: " + param | No controlling application is present to receive client response. |
"NOT_CLAIMED PARAMETERS: " + param | A token was not claimed by any authentication module. | |
...authentication module(s) loaded. | Notification that authentication modules have loaded. | |
...DISCONNECT ... | Normal notification of disconnection. | |
UNEXPECTED | "CallBack: malformed command" |
Bad syntax from a user application such as
|
.../ ... read/0:" + ie | Possible program error. | |
.../ ... read/1: ... Exception ... | Error encountered while reading messages from the client. | |
.../... protocolError: ... |
Various protocol violations are reported with this
message. This error condition is also a way for
|