On 03/18/2016 07:56 PM, Nikolai Kondrashov wrote:
Hi everyone,
The attached patch adds exporting of the original (non-overridden) user shell
to tlog-rec, during the PAM session opening. The shell is exported via adding
variable "TLOG_REC_SHELL" to the user's environment.
This is supposed to be used within the preliminary session recording solution,
which employs tlog [1]. The administrators are supposed to setup session
recording with SSSD by adding local overrides of the user shell to
"/usr/bin/tlog-rec". When tlog-rec is spawned in the role of the shell, it
sets up terminal I/O recording and then spawns the shell specified in
"TLOG_REC_SHELL".
This can be tested by logging as any user and checking if TLOG_REC_SHELL
variable is set to the original (non-overridden) shell.
This is a draft patch and code and design change suggestions are welcome.
CI PASSED: http://sssd-ci.duckdns.org/logs/job/39/63/summary.html
Nick
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org
