Libravatar (obsolete)

Enable logging of all commands run by the libravatar-master user

Bug #1281072 reported by François Marier on 2014-02-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Libravatar (obsolete)	Confirmed	Medium	Unassigned

Bug Description

The libravatar-master user should only ever run the rsync command on the master. It's enforced by the shell (rssh) that is set, but it should also be logged in case rssh fails.

All that's needed is to add the following to /etc/pam.d/sshd:

session required pam_tty_audit.so enable=libravatar-master

Unfortunately pam_tty_audit is not shipped with wheezy.

Source: http://beardyjay.co.uk/logging-all-ssh-commands/logging-ssh

See original description

Tags:

François Marier (fmarier) on 2014-02-17

description:

updated

François Marier (fmarier) on 2014-11-18

tags:	added: security
tags:	added: rsync

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.