[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam_tty_audit



Hi,

I've some problems configuring the pam_tty_audit module:
In which pam.d files do I need to configure pam_tty_audit? (RHEL)
It seems system-auth is not enough.

Purpose: auditing root and a list of users according to a glob pattern.
I don't want to miss something (logging in from sudo, su -, console, ssh...)
(example here: root and "user1")

On RHEL6 I have
 
system-auth, su, su-l:
session   required pam_tty_audit.so disable=* enable=root,user1

And for sudo open_only is recommended???
session    required     pam_tty_audit.so open_only enable=root,user1

But if user1 does log on, no commands are logged....

Any idea?




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]