From: Jesper Dahl Nyerup <nyerup@one.com>
To: Karel Zak <kzak@redhat.com>
Cc: "Ángel González" <ingenit@zoho.com>,
util-linux@vger.kernel.org, "Vedpal Rajera" <vedpalr@one.com>,
"Martin Topholm" <mph@one.com>
Subject: Re: Using script(1) to log all user sessions
Date: Tue, 29 Apr 2014 13:10:06 +0200 [thread overview]
Message-ID: <20140429111005.GC31241@one.com> (raw)
In-Reply-To: <20140429104240.GA12056@x2.net.home>
[-- Attachment #1: Type: text/plain, Size: 1616 bytes --]
On Apr 29 12:42, Karel Zak wrote:
> On Tue, Apr 29, 2014 at 12:00:28PM +0200, Jesper Dahl Nyerup wrote:
> > > >1. Adding a daemon next to script(1) and scriptreplay(1), eg.
> > > >scriptcollect(1), to be in the receiving end of the traffic, [...]
> > >
> > > I'm unsure about this bit. It may be needed. Perhaps a transfer
> > > after the session finishes also works.
> >
> > We also considered that, but we keep running in to theoretical corner
> > cases where this could end up being a problem - logging in on systems
> > with filled up mountpoints, securing the transcript even if the system
> > crashes, and so on.
>
> You don't have to transfer the logs after finished session, but in
> small segments (script(1) only add new entries to the file). The same
> idea uses large databases for on-line backups
> (http://www.postgresql.org/docs/8.1/static/backup-online.html)
Good idea. But then we might as well pipe the output directly to some
rsh, avoiding the data to touch storage in the first place.
> The another (IMHO the best) possibility is to log into systemd journal,
> it supports all necessary advantages. See
>
> http://www.freedesktop.org/software/systemd/man/sd-journal.html
>
> for example sd_journal_stream_fd(). I'm not sure, but it's probably
> already possible to somehow mirror the journal over network or log to
> remote machine.
That's a good idea – we'll look into that. Sadly some of the systems
where we'd want this won't be running systemd for the next few years.
Yours,
--
Jesper Dahl Nyerup
Systems Engineer
One.com, nyerup@one.com
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
next prev parent reply other threads:[~2014-04-29 11:10 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-25 8:21 Using script(1) to log all user sessions Jesper Dahl Nyerup
2014-04-25 14:27 ` Dale R. Worley
2014-04-25 17:39 ` Jesper Dahl Nyerup
2014-04-26 21:27 ` Jesper Dahl Nyerup
2014-04-27 19:53 ` Ángel González
2014-04-29 10:00 ` Jesper Dahl Nyerup
2014-04-29 10:42 ` Karel Zak
2014-04-29 11:10 ` Jesper Dahl Nyerup [this message]
2014-04-28 7:13 ` Karel Zak
2014-04-29 11:05 ` Jesper Dahl Nyerup
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140429111005.GC31241@one.com \
--to=nyerup@one.com \
--cc=ingenit@zoho.com \
--cc=kzak@redhat.com \
--cc=mph@one.com \
--cc=util-linux@vger.kernel.org \
--cc=vedpalr@one.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.