1tlog-rec-session(8)         System Manager's Manual        tlog-rec-session(8)
2
3
4

NAME

6       tlog-rec-session - start a shell and log terminal I/O
7
8

SYNOPSIS

10       tlog-rec-session [OPTION...] [CMD_FILE [CMD_ARG...]]
11       tlog-rec-session -c [OPTION...] CMD_STRING [CMD_NAME [CMD_ARG...]]
12
13

DESCRIPTION

15       Tlog-rec-session  is  a  terminal session I/O logging program, intended
16       for use as the login shell for a user. The actual user shell  to  start
17       is retrieved from configuration or environment. Tlog-rec-session starts
18       the actual shell under a pseudo-TTY, connects it to the actual terminal
19       and  logs  whatever  passes  between them including user input, program
20       output, and terminal window size changes.
21
22       Tlog-rec-session will not start recording if another process  with  the
23       same audit session ID (as seen in /proc/PID/sessionid) is already being
24       recorded.  Instead, it will simply start the shell.
25
26       If no "-c" option is specified,  then  the  first  non-option  argument
27       CMD_FILE specifies the location of a shell script the shell should read
28       and the following arguments (CMD_ARG) specify its arguments.
29
30       If the "-c" option is specified, then a non-option argument  CMD_STRING
31       is required and should contain shell commands to execute, the following
32       arguments can specify first the script name  (CMD_NAME,  i.e.  argv[0])
33       and then its arguments (CMD_ARG).
34
35       If no non-option arguments are encountered, or the "-i" option is spec‐
36       ified then the shell is started interactively.
37
38       If tlog-rec-session is invoked under a name beginning with a dash (i.e.
39       argv[0]  beginning  with  '-'),  then  the  executed shell name is also
40       prepended with a dash. This passes the  "login  shell"  status  to  the
41       recorded shell and is equivalent to using the "-l" option.
42
43       If  tlog-rec-session is invoked under a name containing "-shell-", then
44       the rest of the name after that string is considered an  encoded  abso‐
45       lute path to the shell to execute for the recorded session. The path is
46       expected to be encoded by replacing all forward slashes '/' with dashes
47       '-' and any characters to be preserved as is prepended with a backslash
48       '\'. E.g. to have tlog-rec-session  execute  /bin/dash  as  the  shell,
49       invoke it with the name "tlog-rec-session-shell-bin-dash".
50
51       This  is  normally  done by making a symlink with that name pointing to
52       tlog-rec-session, and then  executing  the  link.  Such  links  can  be
53       assigned to users as their shells to have specific shells started under
54       recording for specific users.
55
56       Tlog-rec-session loads its parameters first from the  system-wide  con‐
57       figuration  file  /etc/tlog/tlog-rec-session.conf,  then  from the file
58       pointed at by TLOG_REC_SESSION_CONF_FILE environment variable (if set),
59       then  from  the  contents of the TLOG_REC_SESSION_CONF_TEXT environment
60       variable (if set), and then from command-line options. Parameters  from
61       each of these sources override the previous one in turn.
62
63

OPTIONS

65   General options
66       -h, --help
67              Output a command-line usage message and exit.
68
69
70
71
72       -v, --version
73              Output version information and exit.
74
75
76
77
78       --configuration
79              Output program configuration in JSON and exit.
80
81
82
83
84       -l, --login
85              Make the shell a login shell.
86
87              If  specified,  the  shell is signalled to act as a login shell.
88              This is done by prepending argv[0] of  the  shell  with  a  dash
89              character.
90
91
92       -i, --interactive
93              Make the shell an interactive shell.
94
95              If  specified,  tlog-rec-session  passes  the  -i  option to the
96              shell.
97
98
99       -c, --command
100              Execute shell commands.
101
102              If specified, tlog-rec-session  passes  the  -c  option  to  the
103              shell,  followed  by all the positional arguments, which specify
104              the shell commands to execute along with command  name  and  its
105              arguments.
106
107
108
109

ENVIRONMENT

111       TLOG_REC_SESSION_CONF_FILE
112              Specifies  the location of a configuration file to be read.  The
113              configuration parameters in this file override the ones  in  the
114              system-wide configuration file /etc/tlog/tlog-rec-session.conf.
115
116
117       TLOG_REC_SESSION_CONF_TEXT
118              Specifies  the configuration text to be read.  The configuration
119              parameters in this variable override the ones in the file speci‐
120              fied with TLOG_REC_SESSION_CONF_FILE.
121
122
123       TLOG_REC_SESSION_SHELL
124              Specifies  the shell to spawn. Overrides configuration specified
125              with TLOG_REC_SESSION_CONF_TEXT. Can be overridden  by  invoking
126              tlog-rec-session under a special name (see above).
127
128

FILES

130       /etc/tlog/tlog-rec-session.conf
131              The system-wide configuration file
132
133

EXAMPLES

135       Start recording a login shell:
136              tlog-rec-session -l
137
138
139       Ask the recorded shell to execute a command:
140              tlog-rec-session -c whoami
141
142

SEE ALSO

144       tlog-rec-session.conf(5), tlog-rec(8), tlog-play(8)
145
146

AUTHOR

148       Nikolai Kondrashov <spbnick@gmail.com>
149
150
151
152Tlog                               May 2017                tlog-rec-session(8)
Impressum