Hi list,
With Redhat 8 come tlogs for session recording.
It seems a promising tool to comply with PCI DSS requirement 10.2 which requires Monitoring of all actions taken by any individual with root or administrative privileges.
Redhat preferred way to configure tlog-rec-session is through sssd.
I have doubt about the interaction between the nss and the session-recording sections.
The man states :
users (string)
A comma-separated list of users which should have session recording enabled.
Matches user names as returned by NSS. I.e. after the possible space
replacement, case changes, etc.
Am I right to understand that if the nss filters some users (root for example) with the filter_users directive, their sessions won’t be recorded even if defined in the session-recording session ?
If yes is there a way to find the discrepancies between the two sections?
Thanks
Philippe
equensWorldline is a registered trade mark and trading name owned by the Worldline Group through its holding company.
This e-mail and the documents attached are confidential and intended solely for the addressee. If you receive this e-mail in error, you are not authorized to copy, disclose, use or retain it. Please notify the sender immediately and delete this email from your
systems. As emails may be intercepted, amended or lost, they are not secure. EquensWorldline and the Worldline Group therefore can accept no liability for any errors or their content. Although equensWorldline and the Worldline Group endeavours to maintain
a virus-free network, we do not warrant that this transmission is virus-free and can accept no liability for any damages resulting from any virus transmitted. The risks are deemed to be accepted by everyone who communicates with equensWorldline and the Worldline
Group by email