From mboxrd@z Thu Jan 1 00:00:00 1970 From: Richard Guy Briggs Subject: Re: PCI-DSS: Log every root actions/keystrokes but avoid passwords Date: Tue, 12 Mar 2013 16:47:42 -0400 Message-ID: <20130312204742.GD23106@madcap2.tricolour.ca> References: <20130311194855.GQ4555@tracyreed.org> <772443219.6157356.1363086419594.JavaMail.root@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <772443219.6157356.1363086419594.JavaMail.root@redhat.com> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: Miloslav Trmac Cc: linux-audit@redhat.com List-Id: linux-audit@redhat.com On Tue, Mar 12, 2013 at 07:06:59AM -0400, Miloslav Trmac wrote: > ----- Original Message ----- > > I am resurrecting this old thread from last summer because I ran into the same > > issue and found the thread in the archives via Google. It would be very nice if > > everything could be logged except passwords. > > There is work being done. Sorry, I don't have more specifics as to > availability, perhaps others do. Hi Tracy, I'm actually working on that right now. I have a patch I am in the process of testing. It implements a new sysctl. I'm working in the upstream kernel, so it will likely be available in Linus' git tree before anywhere else. After that, likely fedora, then RHEL, but I'm a bit new to that process. I don't see a reason why I couldn't post that patch here when I've got it ironed out. > Mirek - RGB -- Richard Guy Briggs Senior Software Engineer AMER ENG Base Operating Systems Remote, Canada, Ottawa Voice: 1.647.777.2635 Internal: (81) 32635