Session recording
Ben Scott
dragonhawk at gmail.com
Sun Mar 30 16:39:03 EDT 2008
On Sat, Mar 29, 2008 at 8:51 AM, Kenny Lussier <klussier at gmail.com> wrote:
> The control characters aren't the only reason that script doesn't work
> for us. Script will write out to a file, but the lines aren't time
> stamped, so it's impossible to know when a command was run. Also, the
> file would need to be writable by the user, which defeats the point of
> all the logging :-)
You should be able wrap up the login shell in the script(1) command,
and do it so that the typescript isn't writable by the user, but based
on messages you've posted, it sounds like that's not really what
you're after. You're not after the terminal session, per se, you're
after an audit log of the actions a user takes. That's something
different. I'd look into process accounting, SELinux, and similar
stuff. They're implemented at the kernel level, and designed to
control and/or record events, regardless of whether they come from an
interactive shell, a shell script, or a "regular program" the user is
running.
-- Ben
More information about the gnhlug-discuss
mailing list