mirror of
https://abf.rosa.ru/djam/pam.git
synced 2025-02-23 16:32:51 +00:00
48 lines
1.4 KiB
Text
48 lines
1.4 KiB
Text
pam_tty_audit ? Enable or disable TTY auditing for specified users
|
|
|
|
-------------------------------------------------------------------------------
|
|
|
|
DESCRIPTION
|
|
|
|
The pam_tty_audit PAM module is used to enable or disable TTY auditing. By
|
|
default, the kernel does not audit input on any TTY.
|
|
|
|
OPTIONS
|
|
|
|
disable=patterns
|
|
|
|
For each user matching one of comma-separated glob patterns, disable TTY
|
|
auditing. This overrides any previous enable option matchin the same user
|
|
name on the command line.
|
|
|
|
enable=patterns
|
|
|
|
For each user matching one of comma-separated glob patterns, enable TTY
|
|
auditing. This overrides any previous disable option matching the same user
|
|
name on the command line.
|
|
|
|
open_only
|
|
|
|
Set the TTY audit flag when opening the session, but do not restore it when
|
|
closing the session. Using this option is necessary for some services that
|
|
don't fork() to run the authenticated session, such as sudo.
|
|
|
|
NOTES
|
|
|
|
When TTY auditing is enabled, it is inherited by all processes started by that
|
|
user. In particular, daemons restarted by an user will still have TTY auditing
|
|
enabled, and audit TTY input even by other users unless auditing for these
|
|
users is explicitly disabled. Therefore, it is recommended to use disable=* as
|
|
the first option for most daemons using PAM.
|
|
|
|
EXAMPLES
|
|
|
|
Audit all administrative actions.
|
|
|
|
session required pam_tty_audit.so disable=* enable=root
|
|
|
|
|
|
AUTHOR
|
|
|
|
pam_tty_audit was written by Miloslav Trma? <mitr@redhat.com>.
|
|
|