Showing 14 changed files with 114 additions and 77 deletions.
28 changes: 0 additions & 28 deletions
docs/security_mapping/components/sudosh/session_audit/control.rst
This file was deleted.
31 changes: 31 additions & 0 deletions
docs/security_mapping/components/tlog/session_audit/control.rst
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
Session Audit | ||
------------- | ||
|
||
The :term:`Tlog` application is installed on each SIMP node. It is set, by | ||
default, to log interactive shell sessions to privileged user accounts via a | ||
login shell hook. | ||
|
||
The ``tlog-rec-session`` application may optionally be set as the user's | ||
default shell to log all sessions without the optional hook. | ||
|
||
A ``tlog-play`` application is also provided to replay captured sessions. | ||
|
||
In addition to :term:`Tlog`, the :term:`PAM` module ``pam_tty_audit`` is used | ||
to record keystrokes during a ``root`` user's session. Additional accounts can | ||
be audited by adding them to the parameter ``pam::tty_audit_users``. | ||
|
||
.. NOTE:: | ||
As a safeguard against recording sensitive credentials (such as passwords), | ||
both ``tlog`` and ``pam_tty_audit`` do NOT record when ``echo`` is turned off. | ||
|
||
.. WARNING:: | ||
The audit logs **WILL RECORD SENSITIVE DETAILS** (such as passwords) for any | ||
scripts or applications that: | ||
|
||
* Do _not_ protect terminal output while entering or echoing sensitive data | ||
* AND are run by an audited user (e.g., ``root``) | ||
|
||
It is therefore HIGHLY RECOMMENDED to update any such scripts or | ||
applications to turn of echo during these sensitive operations. | ||
|
||
References: :ref:`AU-14` |
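
Review bot: The WARNING block has two text defects: "turn of echo" in its last sentence should read "turn off echo", and "_not_" in the first bullet is Markdown emphasis that reStructuredText prints literally, so it should be "*not*". The closing recommendation would also be easier to act on if it named how echo is usually disabled (for example "read -s" in a bash script, or "stty -echo"), since the NOTE above relies on exactly that behaviour to keep passwords out of the tlog and pam_tty_audit records.
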
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
Tlog | ||
==== | ||
|
||
**Module Name**: ``pupmod-simp-tlog`` | ||
|
||
This Puppet module provides the capability to use :term:`Tlog` to log | ||
designated login sessions to a :term:`syslog` server. | ||
|
||
.. toctree:: | ||
:maxdepth: 2 | ||
:glob: | ||
|
||
*/* |
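
Review bot: The description uses two :term: roles (Tlog and syslog), and no glossary change is visible in this part of the commit; confirm that a Tlog entry exists in the glossary, otherwise Sphinx will report an unresolved term. Since the sudosh session_audit control page is deleted in the same commit, a short sentence here stating that this component takes over session auditing from sudosh would help readers who arrive from older links.
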