1tlog-rec-session(8) System Manager's Manual tlog-rec-session(8)
2
3
4
6 tlog-rec-session - start a shell and log terminal I/O
7
8
10 tlog-rec-session [OPTION...] [CMD_FILE [CMD_ARG...]]
11 tlog-rec-session -c [OPTION...] CMD_STRING [CMD_NAME [CMD_ARG...]]
12
13
15 Tlog-rec-session is a terminal session I/O logging program, intended
16 for use as the login shell for a user. The actual user shell to start
17 is retrieved from configuration or environment. Tlog-rec-session starts
18 the actual shell under a pseudo-TTY, connects it to the actual terminal
19 and logs whatever passes between them including user input, program
20 output, and terminal window size changes.
21
22 Tlog-rec-session will not start recording if another process with the
23 same audit session ID (as seen in /proc/PID/sessionid) is already being
24 recorded. Instead, it will simply start the shell.
25
26 If no "-c" option is specified, then the first non-option argument
27 CMD_FILE specifies the location of a shell script the shell should read
28 and the following arguments (CMD_ARG) specify its arguments.
29
30 If the "-c" option is specified, then a non-option argument CMD_STRING
31 is required and should contain shell commands to execute, the following
32 arguments can specify first the script name (CMD_NAME, i.e. argv[0])
33 and then its arguments (CMD_ARG).
34
35 If no non-option arguments are encountered, or the "-i" option is spec‐
36 ified then the shell is started interactively.
37
38 If tlog-rec-session is invoked under a name beginning with a dash (i.e.
39 argv[0] beginning with '-'), then the executed shell name is also
40 prepended with a dash. This passes the "login shell" status to the
41 recorded shell and is equivalent to using the "-l" option.
42
43 If tlog-rec-session is invoked under a name containing "-shell-", then
44 the rest of the name after that string is considered an encoded abso‐
45 lute path to the shell to execute for the recorded session. The path is
46 expected to be encoded by replacing all forward slashes '/' with dashes
47 '-' and any characters to be preserved as is prepended with a backslash
48 '\'. E.g. to have tlog-rec-session execute /bin/dash as the shell,
49 invoke it with the name "tlog-rec-session-shell-bin-dash".
50
51 This is normally done by making a symlink with that name pointing to
52 tlog-rec-session, and then executing the link. Such links can be
53 assigned to users as their shells to have specific shells started under
54 recording for specific users.
55
56 Tlog-rec-session loads its parameters first from the system-wide con‐
57 figuration file /etc/tlog/tlog-rec-session.conf, then from the file
58 pointed at by TLOG_REC_SESSION_CONF_FILE environment variable (if set),
59 then from the contents of the TLOG_REC_SESSION_CONF_TEXT environment
60 variable (if set), and then from command-line options. Parameters from
61 each of these sources override the previous one in turn.
62
63
65 General options
66 -h, --help
67 Output a command-line usage message and exit.
68
69
70
71
72 -v, --version
73 Output version information and exit.
74
75
76
77
78 --configuration
79 Output program configuration in JSON and exit.
80
81
82
83
84 -l, --login
85 Make the shell a login shell.
86
87 If specified, the shell is signalled to act as a login shell.
88 This is done by prepending argv[0] of the shell with a dash
89 character.
90
91
92 -i, --interactive
93 Make the shell an interactive shell.
94
95 If specified, tlog-rec-session passes the -i option to the
96 shell.
97
98
99 -c, --command
100 Execute shell commands.
101
102 If specified, tlog-rec-session passes the -c option to the
103 shell, followed by all the positional arguments, which specify
104 the shell commands to execute along with command name and its
105 arguments.
106
107
108
109
111 TLOG_REC_SESSION_CONF_FILE
112 Specifies the location of a configuration file to be read. The
113 configuration parameters in this file override the ones in the
114 system-wide configuration file /etc/tlog/tlog-rec-session.conf.
115
116
117 TLOG_REC_SESSION_CONF_TEXT
118 Specifies the configuration text to be read. The configuration
119 parameters in this variable override the ones in the file speci‐
120 fied with TLOG_REC_SESSION_CONF_FILE.
121
122
123 TLOG_REC_SESSION_SHELL
124 Specifies the shell to spawn. Overrides configuration specified
125 with TLOG_REC_SESSION_CONF_TEXT. Can be overridden by invoking
126 tlog-rec-session under a special name (see above).
127
128
130 /etc/tlog/tlog-rec-session.conf
131 The system-wide configuration file
132
133
135 Start recording a login shell:
136 tlog-rec-session -l
137
138
139 Ask the recorded shell to execute a command:
140 tlog-rec-session -c whoami
141
142
144 tlog-rec-session.conf(5), tlog-rec(8), tlog-play(8)
145
146
148 Nikolai Kondrashov <spbnick@gmail.com>
149
150
151
152Tlog May 2017 tlog-rec-session(8)