From: Jesper Dahl Nyerup <nyerup@one.com>
To: Karel Zak <kzak@redhat.com>
Cc: "Ángel González" <ingenit@zoho.com>,
util-linux@vger.kernel.org, "Vedpal Rajera" <vedpalr@one.com>,
"Martin Topholm" <mph@one.com>
Subject: Re: Using script(1) to log all user sessions
Date: Tue, 29 Apr 2014 13:10:06 +0200 [thread overview]
Message-ID: <20140429111005.GC31241@one.com> (raw)
In-Reply-To: <20140429104240.GA12056@x2.net.home>
[-- Attachment #1: Type: text/plain, Size: 1616 bytes --]
On Apr 29 12:42, Karel Zak wrote:
> On Tue, Apr 29, 2014 at 12:00:28PM +0200, Jesper Dahl Nyerup wrote:
> > > >1. Adding a daemon next to script(1) and scriptreplay(1), eg.
> > > >scriptcollect(1), to be in the receiving end of the traffic, [...]
> > >
> > > I'm unsure about this bit. It may be needed. Perhaps a transfer
> > > after the session finishes also works.
> >
> > We also considered that, but we keep running in to theoretical corner
> > cases where this could end up being a problem - logging in on systems
> > with filled up mountpoints, securing the transcript even if the system
> > crashes, and so on.
>
> You don't have to transfer the logs after finished session, but in
> small segments (script(1) only add new entries to the file). The same
> idea uses large databases for on-line backups
> (http://www.postgresql.org/docs/8.1/static/backup-online.html)
Good idea. But then we might as well pipe the output directly to some
rsh, avoiding the data to touch storage in the first place.
> The another (IMHO the best) possibility is to log into systemd journal,
> it supports all necessary advantages. See
>
> http://www.freedesktop.org/software/systemd/man/sd-journal.html
>
> for example sd_journal_stream_fd(). I'm not sure, but it's probably
> already possible to somehow mirror the journal over network or log to
> remote machine.
That's a good idea – we'll look into that. Sadly some of the systems
where we'd want this won't be running systemd for the next few years.
Yours,
--
Jesper Dahl Nyerup
Systems Engineer
One.com, nyerup@one.com
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
next prev parent reply other threads:[~2014-04-29 11:10 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-25 8:21 Using script(1) to log all user sessions Jesper Dahl Nyerup
2014-04-25 14:27 ` Dale R. Worley
2014-04-25 17:39 ` Jesper Dahl Nyerup
2014-04-26 21:27 ` Jesper Dahl Nyerup
2014-04-27 19:53 ` Ángel González
2014-04-29 10:00 ` Jesper Dahl Nyerup
2014-04-29 10:42 ` Karel Zak
2014-04-29 11:10 ` Jesper Dahl Nyerup [this message]
2014-04-28 7:13 ` Karel Zak
2014-04-29 11:05 ` Jesper Dahl Nyerup
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140429111005.GC31241@one.com \
--to=nyerup@one.com \
--cc=ingenit@zoho.com \
--cc=kzak@redhat.com \
--cc=mph@one.com \
--cc=util-linux@vger.kernel.org \
--cc=vedpalr@one.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox