Bug 484648 - RFE: Seperate package for bash auditing
Summary: RFE: Seperate package for bash auditing
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: bash
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Roman Rakus
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: F11Target
TreeView+ depends on / blocked
 
Reported: 2009-02-09 09:30 UTC by Roman Rakus
Modified: 2014-01-13 00:08 UTC (History)
5 users (show)

Fixed In Version:
Clone Of: 483086
Environment:
Last Closed: 2009-05-06 10:11:54 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Roman Rakus 2009-02-09 09:30:31 UTC 
+++ This bug was initially created as a clone of Bug #483086 +++

Description of problem:
Ref.235021 - If the only way to enable the auditing is to maintain a separate package can we get a bash-audit package built at RH instead of trying to maintain one on our own?

Version-Release number of selected component (if applicable):
bash-3.2-24.el5

--- Additional comment from james.l.perrin.mil on 2009-01-29 21:46:25 EDT ---

This feature would very much be useful to us. I'd like to see this package included or added as well.

--- Additional comment from tsorensen on 2009-01-29 22:16:29 EDT ---

Useful here too; unclear why the feature was added without making it available without a custom rebuild.

--- Additional comment from rrakus on 2009-02-09 04:28:31 EDT ---

Yep. It's good idea. It will be in Fedora 11 and then in RHEL6.
Comment 1 Roman Rakus 2009-05-06 10:11:54 UTC 
At second look the bash auditing is enabled.
Try this:
- append to /etc/pam.d/system-auth:
        session required pam_tty_audit.so disable=* enable=root

  - as root => chars entered in audit.log
  - as non-root: no chars entered

If this is ok, I think there's no need to separate packages with and without
enabled auditing.
Note You need to log in before you can comment on or make changes to this bug.