[Swan] pam_open_session(3) Re: SUCCESS Re: NEW PROBLEM Re: IKEv2 PAM auth failure - how it's done properly?

Paul Wouters paul at nohats.ca
Wed Jan 26 16:51:33 EET 2022

On Wed, 26 Jan 2022, Mirsad Goran Todorovac wrote:

> I did some research. It may be impossible to log IKEv2 sessions in utmp and 
> wtmp, for libreswan doesn't appear to be calling pam_open_session(3) after 
> authenticating the certificate and the user and pam_close_session(3) after 
> the connection is severed.

We never worked with utmp/wtmp, which to me feels more like unix user
login related ?

> I would like to have some handy connection logging apart from 
> /var/log/pluto.log ...

Have a look at https://github.com/libreswan/libreswan/blob/main/contrib/updown-example/example-terminate.py

It shows how you can log the disconnect to a file, but you can replace
the file with like your REST server call.


More information about the Swan mailing list