On 2018年09月11日 12時52分, Stefan G. Weichinger wrote:
At a customer we were asked to log/protocol all my administrative activity for potential audits etc
If by “all” activity, the customer means all activity, pam_tty_audit is the only solution I have heard of that fits the bill: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sec-configuring_pam_for_auditing If by “all” activity, the customer means, “We want want a Serious Business Stamp,” I recommend getting creative with your shell's $HISTFILE, given that 98% of your activity occurs there.
