1

I have a NIS server on a Debian machine with several user accounts in the passwd and shadow files. Also, I have 10 Ubuntu desktop boxes running as NIS clients. The users can log in by binding to the NIS server (on those boxes there is only the root account in the passwd and shadow files). Everything works fine.

However, I'd like to see logfiles on the server about users logging in and logging out on the client stations (with timestamp and IP or station name). My problem is: I can't find where these logs are or how to configure ypbind or ypserv to do so. Is it not possible?

voretaq7
M.G.

2 Answers

2

The NIS server will tell you nothing useful.

You can configure your NIS server to log all requests, but authentication checks happen on the client. All the NIS server is asked for is a copy of the passwd entry (username, UID, GID, encrypted password, etc.), which it will happily give to anyone who asks.
The client then performs authentication against that data the same way it would for a local user, determines success or failure, and acts accordingly.

In other words, your NIS server doesn't know who logged in, or if the login succeeded. All it knows is someone asked it for some information.
The NIS servers may not even be consulted for every login (particularly if you're using nscd or something else to cache lookups).

Of course given the above there is also no reason to consult the NIS server for a logout. The NIS server doesn't care when you ended your session.


What you probably want to do is collect auth.log or equivalent from each of your NIS clients and forward those events to a central loghost where you can examine them.
This could be combined with event auditing to accurately track login/logout times.

voretaq7
  • Ok, now I understood the problem and will forward the stations' auth.log as you suggested. Thank you very much for the nice didactic explanation. – M.G. May 21 '13 at 19:36
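
Added example (not part of the original answer or comment): once each client's auth.log is forwarded to a central loghost, login and logout times per station can be derived by pairing the pam_unix "session opened" and "session closed" records. The sample lines, hostnames, users and the `pair_sessions` helper are constructed for illustration, and the sketch assumes forwarded lines keep the traditional syslog layout with the client hostname.

```python
import re

# Constructed sample: traditional-format syslog lines as they might appear on the
# central loghost after forwarding. Hostnames, users, PIDs and the IP are made up.
SAMPLE = """\
May 21 19:30:01 station03 sshd[1234]: pam_unix(sshd:session): session opened for user alice by (uid=0)
May 21 19:31:15 station07 lightdm[2201]: pam_unix(lightdm:session): session opened for user bob by (uid=0)
May 21 19:32:40 station03 sshd[1300]: Failed password for alice from 192.0.2.15 port 50222 ssh2
May 21 19:45:09 station03 sshd[1234]: pam_unix(sshd:session): session closed for user alice
May 21 20:02:00 station09 sshd[4410]: pam_unix(sshd:session): session closed for user carol
"""

# Matches pam_unix session records; tolerates the newer "user alice(uid=1000)" form.
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) (?P<prog>[^\[\s:]+)\[(?P<pid>\d+)\]: "
    r"pam_unix\((?P<service>[^:)]+):session\): session (?P<event>opened|closed) for user (?P<user>[^\s(]+)"
)


def pair_sessions(lines):
    """Return (completed, still_open, orphan_closes) session records."""
    pending, completed, orphans = {}, [], []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # failed passwords, cron noise, etc. are not session events
        # Assumption: the PID that logs "opened" also logs "closed" on that host.
        key = (m["host"], m["service"], m["pid"], m["user"])
        if m["event"] == "opened":
            pending[key] = m["ts"]
        elif key in pending:
            completed.append({"host": m["host"], "user": m["user"], "service": m["service"],
                              "login": pending.pop(key), "logout": m["ts"]})
        else:
            # Close without a matching open: the open was never forwarded or was lost.
            orphans.append({"host": m["host"], "user": m["user"], "logout": m["ts"]})
    still_open = [{"host": k[0], "user": k[3], "login": ts} for k, ts in pending.items()]
    return completed, still_open, orphans


if __name__ == "__main__":
    done, active, orphans = pair_sessions(SAMPLE.splitlines())
    for s in done:
        print(f"{s['user']}@{s['host']} ({s['service']}): {s['login']} -> {s['logout']}")
    for s in active:
        print(f"{s['user']}@{s['host']}: logged in since {s['login']}")
    for s in orphans:
        print(f"{s['user']}@{s['host']}: logout at {s['logout']} with no login seen")
```

Orphan closes and sessions that never close are worth reviewing on their own, since they usually mean a client stopped forwarding or lost records.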
0

Each system keeps a log of users logged in / out... you can read it out using last.

mdpc