CentOS

The Community ENTerprise Operating System
https://forums.centos.org/

Logging all commands by all users\daemons

https://forums.centos.org/viewtopic.php?f=51&t=67043

Page 1 of 1

Logging all commands by all users\daemons

Posted: 2018/05/14 17:21:55
by adalfarus
Hi all.
How can I logging all commands in the system?

For example, after added that line

Code: Select all

session 	required	pam_tty_audit.so	enable=*
to:
  • /etc/pam.d/password-auth
    /etc/pam.d/system-auth
    /etc/pam.d/sudo
I can grabbing all keystrokes by root. But, I need by all users.

Re: Logging all commands by all users\daemons

Posted: 2018/05/14 17:38:46
by TrevorH
Welcome to security exposure #1...

Undo that. Look at using the audit daemon and configs instead.

Re: Logging all commands by all users\daemons

Posted: 2018/05/14 17:57:09
by adalfarus
TrevorH wrote:Look at using the audit daemon and configs instead.
Already.
But, it's not helped me.
I wrote to the forum because I've already lost two weeks and without results.

Re: Logging all commands by all users\daemons

Posted: 2018/05/15 04:09:00
by hunter86_bg
Why are you so sure that you grab only 'root' keystrokes ? It will capture all without passwords.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited