[Gllug] Monitoring a user session

John Edwards john at cornerstonelinux.co.uk
Mon Oct 11 19:35:13 UTC 2010


On Mon, Oct 11, 2010 at 08:18:47PM +0100, tid wrote:
> I have to operate on the other side of this particular fence: I trust
> myself but am called upon to maintain various
> rebarbative user systems / environments where I need to be able to
> 'prove' that adding a new user didn't shut
> the network down or that logging onto the London samba server on
> tuesday did not cause the Tokyo sybase
> server to bork on sunday. I have a few clients who feel linux !=
> windows therefore as they understand windows,
> the devil *is* linux, and come out all guns blazing on any issue.
> 
> It's great for issues that become 'political' as I can show the client
> exactly what I did, whereas the windows techies
> are usually backed into the " I'm sure I clicked that button" corner.
> 
> It's not a full sys-level logging tool, but it'll do until one comes along.

Some options for you:

sudo - available on most systems by default, but only logs commands
run with escalated privileges.

snoopy - a library that acts as a wrapper to execve() which logs all
commands run by anyone (even via cron), a bit of an ugly hack and not
always well maintained.

Both of the above are fine for logging shell commands but will probably
not be able to log what is going on inside any GUI or text interface
programs (eg vi, setup programs) and so miss some important stuff.

screen - several people can join to a screen session, you see exactly
what they see, sessions can be logged, but limited to text consoles.

VNC - is a full X session if you need to run GUI programs, many people
can view the same session if all their VNC clients support that, but
needs an extra program to record the session. Recorded sessions will
probably be in a video format, so searching through them will be
difficult.

It may be that a mixture of some of these will do the trick.


-- 
#---------------------------------------------------------#
|    John Edwards   Email: john at cornerstonelinux.co.uk    |
#---------------------------------------------------------#
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20101011/d5f15bf9/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list