The configuration of the audit framework is optionnal
The MMC audit framework allows to record all users operations made through the MMC agent, and so the MMC web interface. These operations are all loggued: LDAP modifications, all filesystem related modifications, and service management (stop, start, ...)
The Python SQLAlchemy library version 0.5.x/0.6.x is required for the audit framework. The Python / MySQL bindings are also needed. On Debian install the following packages:
apt-get install python-mysqldb python-sqlalchemy
The audit framework is configured in the base.ini configuration file, and is disabled by default. To enable it, uncomment the audit section. It should look like:
[audit] method = database dbhost = 127.0.0.1 port = 3306 dbdriver = mysql dbuser = audit dbpassword = audit dbname = audit
The mmc-helper tool will allow you to create the dabatase and to populate it with the audit tables easily.
To create the MySQL database:
# mmc-helper audit create -- Execute the following lines into the MySQL client CREATE DATABASE audit DEFAULT CHARSET utf8; GRANT ALL PRIVILEGES ON audit.* TO 'audit'@localhost IDENTIFIED BY 'audit'; FLUSH PRIVILEGES;
Just execute the printed SQL statement in a MySQL client and the database will be created. Note that the base.ini is read to set the audit database name, user and password in the SQL statements.
On most Linux distribution, the “root” user has administrative access to the local MySQL server. So this one liner will often be enough:
# mmc-helper audit create | mysql
Once created, the audit database tables must be initialized with this command:
# mmc-helper audit init INFO:root:Creating audit tables as requested INFO:root:Using database schema version 2 INFO:root:Done
At the next start, the MMC agent will connect to the audit database and record operations.