Hi everyone,
The attached patch adds exporting of the original (non-overridden) user shell
to tlog-rec, during the PAM session opening. The shell is exported via adding
variable "TLOG_REC_SHELL" to the user's environment.
This is supposed to be used within the preliminary session recording solution,
which employs tlog [1]. The administrators are supposed to setup session
recording with SSSD by adding local overrides of the user shell to
"/usr/bin/tlog-rec". When tlog-rec is spawned in the role of the shell, it
sets up terminal I/O recording and then spawns the shell specified in
"TLOG_REC_SHELL".
This can be tested by logging as any user and checking if TLOG_REC_SHELL
variable is set to the original (non-overridden) shell.
This is a draft patch and code and design change suggestions are welcome.
Thank you.
Nick
[1]
https://github.com/Scribery/tlog