Bug 484648

Summary: RFE: Seperate package for bash auditing
Product: [Fedora] Fedora Reporter: Roman Rakus <rrakus>
Component: bashAssignee: Roman Rakus <rrakus>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: rawhideCC: james.l.perrin, rrakus, tsmetana, tsorensen, twaugh
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: 483086 Environment:
Last Closed: 2009-05-06 10:11:54 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 446451    

Description Roman Rakus 2009-02-09 09:30:31 UTC 
+++ This bug was initially created as a clone of Bug #483086 +++

Description of problem:
Ref.235021 - If the only way to enable the auditing is to maintain a separate package can we get a bash-audit package built at RH instead of trying to maintain one on our own?

Version-Release number of selected component (if applicable):
bash-3.2-24.el5

--- Additional comment from james.l.perrin.mil on 2009-01-29 21:46:25 EDT ---

This feature would very much be useful to us. I'd like to see this package included or added as well.

--- Additional comment from tsorensen on 2009-01-29 22:16:29 EDT ---

Useful here too; unclear why the feature was added without making it available without a custom rebuild.

--- Additional comment from rrakus on 2009-02-09 04:28:31 EDT ---

Yep. It's good idea. It will be in Fedora 11 and then in RHEL6.
Comment 1 Roman Rakus 2009-05-06 10:11:54 UTC 
At second look the bash auditing is enabled.
Try this:
- append to /etc/pam.d/system-auth:
        session required pam_tty_audit.so disable=* enable=root

  - as root => chars entered in audit.log
  - as non-root: no chars entered

If this is ok, I think there's no need to separate packages with and without
enabled auditing.