You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jun 13, 2023. It is now read-only.
Currently, the PSRP provider through OMI uses OMI's logging capabilities. This is problematic in several ways:
Frequently, it's better to debug PSRP independently from OMI, and
PSRP, running as @requestor@, does not actually have permissions to write to OMI's logging directory.
As a short term hack to get logging running, you can do the following:
chmod 777 /var/opt/omi/log
Enable debug logging in /etc/opt/omi/conf/omiserver.conf
PSRP server will log to the /var/opt/omi/log/ShellServer.log.
This, of course, has the disadvantage that anybody on the system can write freely to /var/opt/omi/log.
A much better logging mechanism is to do what SCX does:
Create a small EXEC program, similar to SCX's tool, to create directory /var/opt/microsoft/psrp/log/<username>, where that directory is owned by the user in question,
Have a separate configuration file that PSRP reads to determine if it should log or not,
Have a logging directory explicitly for PSRP, perhaps in /var/opt/microsoft/psrp/log.
If the requester is root, then the log file is created in that directory (no subdirectory is created),
If the requester is non-root, use the new directory. Due to omi-preexec having been run, permissions will be set so that user can write the log into that directory.
This would vastly simplify and improve the PSRP provider's logging mechanism.
The text was updated successfully, but these errors were encountered:
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Currently, the PSRP provider through OMI uses OMI's logging capabilities. This is problematic in several ways:
@requestor@
, does not actually have permissions to write to OMI's logging directory.As a short term hack to get logging running, you can do the following:
chmod 777 /var/opt/omi/log
/etc/opt/omi/conf/omiserver.conf
/var/opt/omi/log/ShellServer.log
.This, of course, has the disadvantage that anybody on the system can write freely to
/var/opt/omi/log
.A much better logging mechanism is to do what SCX does:
/var/opt/microsoft/psrp/log/<username>
, where that directory is owned by the user in question,/var/opt/microsoft/psrp/log
.root
, then the log file is created in that directory (no subdirectory is created),This would vastly simplify and improve the PSRP provider's logging mechanism.
The text was updated successfully, but these errors were encountered: