Bug 484648 - RFE: Seperate package for bash auditing
RFE: Seperate package for bash auditing
Product: Fedora
Classification: Fedora
Component: bash (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Roman Rakus
Fedora Extras Quality Assurance
: FutureFeature
Depends On:
Blocks: F11Target
  Show dependency treegraph
Reported: 2009-02-09 04:30 EST by Roman Rakus
Modified: 2014-01-12 19:08 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: 483086
Last Closed: 2009-05-06 06:11:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Roman Rakus 2009-02-09 04:30:31 EST
+++ This bug was initially created as a clone of Bug #483086 +++

Description of problem:
Ref.235021 - If the only way to enable the auditing is to maintain a separate package can we get a bash-audit package built at RH instead of trying to maintain one on our own?

Version-Release number of selected component (if applicable):

--- Additional comment from james.l.perrin@us.army.mil on 2009-01-29 21:46:25 EDT ---

This feature would very much be useful to us. I'd like to see this package included or added as well.

--- Additional comment from tsorensen@gmail.com on 2009-01-29 22:16:29 EDT ---

Useful here too; unclear why the feature was added without making it available without a custom rebuild.

--- Additional comment from rrakus@redhat.com on 2009-02-09 04:28:31 EDT ---

Yep. It's good idea. It will be in Fedora 11 and then in RHEL6.
Comment 1 Roman Rakus 2009-05-06 06:11:54 EDT
At second look the bash auditing is enabled.
Try this:
- append to /etc/pam.d/system-auth:
        session required pam_tty_audit.so disable=* enable=root

  - as root => chars entered in audit.log
  - as non-root: no chars entered

If this is ok, I think there's no need to separate packages with and without
enabled auditing.

Note You need to log in before you can comment on or make changes to this bug.