Logging users activity with termlog

[Lukasz Wasikowski]

Hello!

On Thu, 9 Oct 2003, Lowell Gilbert wrote:

LG> > 1. I'd like to run termlog -u UID as soon as user with UID log in. How
LG> > should I do it?
LG> I don't think there are any great answers there.  The easy hack is to
LG> mess with login scripts, but that would be visible to the user (if
LG> they checked).

That's fine with me. If users know their actions are logged they may
reconsider twice any illegal activity on my box.

LG> For a fair amount of extra effort, you could hack it
LG> into login(1) itself.

I'm not that good with C programming.

LG> Those are problems specific to "termlog"; since I never heard of it
LG> until now, I don't know much, but on the first I would guess that it's
LG> not opening the "real" terminal line.

Port:   termlog-1.0.3
Path:   /usr/ports/security/termlog
Info:   Monitor or log multiple system terminals synchronously (real-time)

This utility is monitoring and logging multiple system ttys. I've decided
to use it becaus it looked like this it what I was looking for. But it
isn't working right or maybe I can't make it work.

LG> > Maybe there is a better way to log users activity?
LG> Did you look at the watch(8) utility in the base system?

Yes, but only in interactive mode. I'll try to make it work automatically
as soon as users log in.

-- 
Greetz, Idaho