From: Karel Zak <kzak@redhat.com>
To: Jesper Dahl Nyerup <nyerup@one.com>
Cc: "Ángel González" <ingenit@zoho.com>,
util-linux@vger.kernel.org, "Vedpal Rajera" <vedpalr@one.com>,
"Martin Topholm" <mph@one.com>
Subject: Re: Using script(1) to log all user sessions
Date: Tue, 29 Apr 2014 12:42:40 +0200 [thread overview]
Message-ID: <20140429104240.GA12056@x2.net.home> (raw)
In-Reply-To: <20140429100028.GA31241@one.com>
On Tue, Apr 29, 2014 at 12:00:28PM +0200, Jesper Dahl Nyerup wrote:
> > >1. Adding a daemon next to script(1) and scriptreplay(1), eg.
> > >scriptcollect(1), to be in the receiving end of the traffic, [...]
> >
> > I'm unsure about this bit. It may be needed. Perhaps a transfer
> > after the session finishes also works.
>
> We also considered that, but we keep running in to theoretical corner
> cases where this could end up being a problem - logging in on systems
> with filled up mountpoints, securing the transcript even if the system
> crashes, and so on.
You don't have to transfer the logs after finished session, but in
small segments (script(1) only add new entries to the file). The same
idea uses large databases for on-line backups
(http://www.postgresql.org/docs/8.1/static/backup-online.html)
The another (IMHO the best) possibility is to log into systemd journal,
it supports all necessary advantages. See
http://www.freedesktop.org/software/systemd/man/sd-journal.html
for example sd_journal_stream_fd(). I'm not sure, but it's probably
already possible to somehow mirror the journal over network or log to
remote machine.
Karel
--
Karel Zak <kzak@redhat.com>
http://karelzak.blogspot.com
next prev parent reply other threads:[~2014-04-29 10:42 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-25 8:21 Using script(1) to log all user sessions Jesper Dahl Nyerup
2014-04-25 14:27 ` Dale R. Worley
2014-04-25 17:39 ` Jesper Dahl Nyerup
2014-04-26 21:27 ` Jesper Dahl Nyerup
2014-04-27 19:53 ` Ángel González
2014-04-29 10:00 ` Jesper Dahl Nyerup
2014-04-29 10:42 ` Karel Zak [this message]
2014-04-29 11:10 ` Jesper Dahl Nyerup
2014-04-28 7:13 ` Karel Zak
2014-04-29 11:05 ` Jesper Dahl Nyerup
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140429104240.GA12056@x2.net.home \
--to=kzak@redhat.com \
--cc=ingenit@zoho.com \
--cc=mph@one.com \
--cc=nyerup@one.com \
--cc=util-linux@vger.kernel.org \
--cc=vedpalr@one.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox