Ping a Specific Port

Question

lacrosse1991

Asked: 2014-03-16 22:03:35 +0800 CST2014-03-16 22:03:35 +0800 CST 2014-03-16 22:03:35 +0800 CST

is this normal behavior for pam_tty_audit

772

I've recently configured pam_tty_audit, and while it does log information, it seems like it does not log information until after the user has logged out. Oddly enough, it does log some things live, for instance, if I ran "nano hello", it would log "nano" without the argument, but if I were log out and log back, "nano hello" would then show up in the auth log. Please see below for an example of what I am talking about

16/03/14 07:01:05 113 0 ? 57 nano <^X> (user logs out and then in again)
16/03/14 07:01:12 116 0 ? 57 bash ,,"nano hello",,,,

Is this normal behavior for pam tty audit?

1 Answers

Voted

user9517 · Answer 1 · 2014-03-16T22:24:30+08:00

user9517

2014-03-16T22:24:30+08:002014-03-16T22:24:30+08:00

According top this blog post what you're seeing is correct for unprivileged users whose records are logged only when they log out or a certain number of characters are collected.

Privileged accounts are logged immediately.

1

is this normal behavior for pam_tty_audit

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?