Using script(1) to log all user sessions

[Jesper Dahl Nyerup <nyerup@one.com>]

[-- Attachment #1: Type: text/plain, Size: 1578 bytes --]

Hi list,

We're toying with the idea of using script(1) to log all user sessions
towards a collection of systems, as one in a number of metheds to aid
debugging, education and auditing.

In order to do so, I have a couple of questions regarding a few
extensions we're considering to implement.

Firstly, script(1) is clearly and sanely designed to be invoked from the
command line to record a limited portion of a user's session. In order
for the user to have the logging started without manual invocation, it
may come in handy to support config files, to supply configurable
default values for some of the concepts normally passed in the
environment or as command line arguments.

Secondly, we're considering to add functionality for script(1) to
transmit the session transcript over the network to a collection daemon,
to be able to store transcripts from multiple machines on one or more
central systems.

This could involve:

1. Adding a daemon next to script(1) and scriptreplay(1), eg.
scriptcollect(1), to be in the receiving end of the traffic, optionally
handling the timing functionality, and finally storing data in the same
manner script(1) would.

2. Optionally linking against some crypto library to avoid putting
users' console data on the wire in clear text.

Ideally we'd like to upstream any changes we make, and this post serves
as an attempt to gauge the mood and ask for guidance as to which
direction you guys think we should take our efforts.

Yours,
-- 
Jesper Dahl Nyerup
Systems Engineer
One.com, nyerup@one.com

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]