On Mon, 21 Feb 2005 14:55:38 CST, Klaus Weidner said:
Try the following:
*** login
session required pam_selinux.so close
session required pam_stack.so service=system-auth
session optional pam_console.so
session required pam_audit.so
session required pam_selinux.so multiple open
*** sshd
session required pam_stack.so service=system-auth
session required pam_audit.so
And presumably similar for gdm if such is in use..
> For that matter, it's unclear if I can just stick it in the system-auth
> that gets included by everybody. Are there any cases where we *don't*
> want it in there?
You don't want a new login UID assigned if someone uses 'su', 'sudo' or
equivalent (that's the entire point of having a login UID maintained
separately), so putting it into system-auth is not a good idea.
Ahh.. I *knew* there was a reason, I just couldn't put my finger on it. :)
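
An added example, not part of the original thread: a check that walks a pam.d directory, follows `pam_stack.so service=...` includes, and reports whether `su` or `sudo` would end up running `pam_audit.so` in their session stack. The service names `su` and `sudo`, the helper names, and the sample files (including `pam_limits.so` as a stand-in for other system-auth content) are constructed for illustration.

```python
import os
import re
import tempfile

# type, control (plain word or [bracketed]), module path, remaining arguments
RULE = re.compile(r"\s*-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)")
ESCALATION = ("su", "sudo")  # assumed service names of identity-switching tools

def session_modules(pamd, service, seen=None):
    """Session-stack modules for a service, following pam_stack.so service=X."""
    seen = set() if seen is None else seen
    path = os.path.join(pamd, service)
    if service in seen or not os.path.isfile(path):
        return []
    seen.add(service)
    mods = []
    with open(path) as fh:
        for line in fh:
            m = RULE.match(line.split("#", 1)[0])  # drop trailing comments
            if not m or m.group(1) != "session":
                continue
            module, args = os.path.basename(m.group(3)), m.group(4).split()
            if module == "pam_stack.so":
                for a in args:
                    if a.startswith("service="):
                        mods += session_modules(pamd, a[8:], seen)
            else:
                mods.append(module)
    return mods

def loginuid_resets(pamd, module="pam_audit.so"):
    """Escalation services whose session stack would assign a new login UID."""
    return [s for s in ESCALATION if module in session_modules(pamd, s)]

def demo(audit_in_system_auth):
    """Constructed pam.d tree; returns (flagged services, sshd still audited)."""
    audit = "session required pam_audit.so\n"
    stack = "session required pam_stack.so service=system-auth\n"
    shared = "session required pam_limits.so\n" + (audit if audit_in_system_auth else "")
    files = {"system-auth": shared, "sshd": stack + audit, "su": stack, "sudo": stack}
    with tempfile.TemporaryDirectory() as d:
        for name, body in files.items():
            with open(os.path.join(d, name), "w") as fh:
                fh.write(body)
        return loginuid_resets(d), "pam_audit.so" in session_modules(d, "sshd")

if __name__ == "__main__":
    print("audit in system-auth:", demo(True))
    print("audit per service:   ", demo(False))
```

Against a real system, call `loginuid_resets("/etc/pam.d")`; an empty list means neither service picks the module up directly or through an included stack.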