Red Hat Bugzilla – Bug 484648
RFE: Seperate package for bash auditing
Last modified: 2014-01-12 19:08:21 EST
+++ This bug was initially created as a clone of Bug #483086 +++
Description of problem:
Ref.235021 - If the only way to enable the auditing is to maintain a separate package can we get a bash-audit package built at RH instead of trying to maintain one on our own?
Version-Release number of selected component (if applicable):
--- Additional comment from email@example.com on 2009-01-29 21:46:25 EDT ---
This feature would very much be useful to us. I'd like to see this package included or added as well.
--- Additional comment from firstname.lastname@example.org on 2009-01-29 22:16:29 EDT ---
Useful here too; unclear why the feature was added without making it available without a custom rebuild.
--- Additional comment from email@example.com on 2009-02-09 04:28:31 EDT ---
Yep. It's good idea. It will be in Fedora 11 and then in RHEL6.
At second look the bash auditing is enabled.
- append to /etc/pam.d/system-auth:
session required pam_tty_audit.so disable=* enable=root
- as root => chars entered in audit.log
- as non-root: no chars entered
If this is ok, I think there's no need to separate packages with and without