Re: Logging users activity with termlog

2003-10-17 Thread Lukasz Wasikowski 
Hello!

On Thu, 9 Oct 2003, Lowell Gilbert wrote:

LG  1. I'd like to run termlog -u UID as soon as user with UID log in. How
LG  should I do it?
LG I don't think there are any great answers there.  The easy hack is to
LG mess with login scripts, but that would be visible to the user (if
LG they checked).

That's fine with me. If users know their actions are logged they may
reconsider twice any illegal activity on my box.

LG For a fair amount of extra effort, you could hack it
LG into login(1) itself.

I'm not that good with C programming.

LG Those are problems specific to termlog; since I never heard of it
LG until now, I don't know much, but on the first I would guess that it's
LG not opening the real terminal line.

Port:   termlog-1.0.3
Path:   /usr/ports/security/termlog
Info:   Monitor or log multiple system terminals synchronously (real-time)

This utility is monitoring and logging multiple system ttys. I've decided
to use it becaus it looked like this it what I was looking for. But it
isn't working right or maybe I can't make it work.

LG  Maybe there is a better way to log users activity?
LG Did you look at the watch(8) utility in the base system?

Yes, but only in interactive mode. I'll try to make it work automatically
as soon as users log in.

-- 
Greetz, Idaho
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Logging users activity with termlog

2003-10-09 Thread Lowell Gilbert 
Lukasz Wasikowski [EMAIL PROTECTED] writes:

 FreeBSD 4.9-RC. termlog 1.0.2-STABLE. I want to log users activity on my
 box.
 
 1. I'd like to run termlog -u UID as soon as user with UID log in. How
 should I do it?

I don't think there are any great answers there.  The easy hack is to
mess with login scripts, but that would be visible to the user (if
they checked).  For a fair amount of extra effort, you could hack it
into login(1) itself.

 2. I noticed that running screen program and then leaving it (quit, not
 detach) makes termlog to quit with:
 
 termlog: fatal: unable to poll device.: Bad file descriptor
 
 User is still logged in. The same quit reason is when user don't use
 screen and logout. What's wrong?

 3. -t switch should put timestamps in the output file but it doesn't.
 Files created with -t and without it are identical.

Those are problems specific to termlog; since I never heard of it
until now, I don't know much, but on the first I would guess that it's
not opening the real terminal line.

 Maybe there is a better way to log users activity?

Did you look at the watch(8) utility in the base system?
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]