Managing Authentication in Oracle^® Solaris 11.4

How to Log PAM Error Reports

Before You Begin

You must assume the root role. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.

1. Determine which system-log service instance is online.

   # svcs system-log
   STATE          STIME    FMRI
   online       13:11:55 svc:/system/system-log:rsyslog
   disabled     13:13:27 svc:/system/system-log:default

2. Configure the syslog.conf file for the level of logging that you need.

   See the DESCRIPTION section of the rsyslog.conf(5) man page for information about the logging levels. Most PAM error reporting is done through the LOG_AUTH facility.

   For example, create a file for debug output.

   # touch /var/adm/pam_debuglog

   Then, add the rsyslog.conf entry to send debug output to that file.

   ---

   Note - If the syslog service instance is online, modify the syslog.conf file.

   ---

   # pfedit /etc/rsyslog.conf
   ...
   *.debug        /var/adm/pam_debuglog
   ...

3. Refresh the configuration information for the rsyslog service instance.

   # svcadm refresh system-log:rsyslog

   ---

   Note - Refresh the system-log:default service instance if the syslog service is online.

   ---