A better place for this question is the sssd-users list (which I've just CCed).
On Fri, Jul 15, 2022 at 7:24 AM Sergio Belkin sebelk@gmail.com wrote:
Hi, I've configured sssd to use session recording along with tlog but it's not working.
I don't use any domain for authentication, all users are local
This my configuration files:
**/etc/sssd/sssd.conf**
[sssd] domains = files services = pam, sudo, nss, ssh [domain/files] id_provider = files
Is the above configuration correct?
And **/etc/sssd/conf.d/sssd-session-recording.conf** :
[session_recording] scope=all exclude_users= exclude_groups=
I don't find ny errors:
[root@munster ~]# sssctl config-check Issues identified by validators: 0 Messages generated during configuration merging: 0 Used configuration snippet files: 1 /etc/sssd/conf.d/sssd-session-recording.conf [root@munster ~]# systemctl status sssd ● sssd.service - System Security Services Daemon Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2022-07-13 23:40:25 -03; 9h ago Main PID: 971 (sssd) Tasks: 6 (limit: 38124) Memory: 55.9M CPU: 2.409s CGroup: /system.slice/sssd.service ├─ 971 /usr/sbin/sssd -i --logger=files ├─ 1030 /usr/libexec/sssd/sssd_be --domain files --uid 0 --gid 0 --logger=files ├─ 1035 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0 --logger=files ├─ 1036 /usr/libexec/sssd/sssd_sudo --uid 0 --gid 0 --logger=files ├─ 1037 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=files └─ 1038 /usr/libexec/sssd/sssd_ssh --uid 0 --gid 0 --logger=files jul 13 23:40:24 munster.belkin.home systemd[1]: Starting sssd.service - System Security Services Daemon... jul 13 23:40:24 munster.belkin.home sssd[971]: Starting up jul 13 23:40:24 munster.belkin.home sssd_be[1030]: Starting up jul 13 23:40:24 munster.belkin.home sssd_ssh[1038]: Starting up jul 13 23:40:24 munster.belkin.home sssd_pam[1035]: Starting up jul 13 23:40:24 munster.belkin.home sssd_sudo[1036]: Starting up jul 13 23:40:24 munster.belkin.home sssd_nss[1037]: Starting up jul 13 23:40:25 munster.belkin.home systemd[1]: Started sssd.service - System Security Services Daemon. jul 13 23:40:41 munster.belkin.home sssd_nss[1037]: Enumeration requested but not enabled
But recording sessions does not work.
Relevant packages:
sssd-2.7.3-1.fc36.x86_64 tlog-12-2.fc36.x86_64 fedora-release-common-36-17.noarch
Please could you help me to figure out why session recording is not working?
Thanks in advance!
--
Sergio Belkin LPIC-2 Certified - http://www.lpi.org _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Hi Sergio,
`grep passwd /etc/nsswitch.conf`?
On Fri, Jul 15, 2022 at 4:27 PM Stephen Gallagher sgallagh@redhat.com wrote:
A better place for this question is the sssd-users list (which I've just CCed).
On Fri, Jul 15, 2022 at 7:24 AM Sergio Belkin sebelk@gmail.com wrote:
Hi, I've configured sssd to use session recording along with tlog but
it's not working.
I don't use any domain for authentication, all users are local
This my configuration files:
**/etc/sssd/sssd.conf**
[sssd] domains = files services = pam, sudo, nss, ssh [domain/files] id_provider = files
Is the above configuration correct?
And **/etc/sssd/conf.d/sssd-session-recording.conf** :
[session_recording] scope=all exclude_users= exclude_groups=
I don't find ny errors:
[root@munster ~]# sssctl config-check Issues identified by validators: 0 Messages generated during configuration merging: 0 Used configuration snippet files: 1 /etc/sssd/conf.d/sssd-session-recording.conf [root@munster ~]# systemctl status sssd ● sssd.service - System Security Services Daemon Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled;
vendor preset: enabled)
Active: active (running) since Wed 2022-07-13 23:40:25 -03; 9h ago
Main PID: 971 (sssd) Tasks: 6 (limit: 38124) Memory: 55.9M CPU: 2.409s CGroup: /system.slice/sssd.service ├─ 971 /usr/sbin/sssd -i --logger=files ├─ 1030 /usr/libexec/sssd/sssd_be --domain files --uid 0
--gid 0 --logger=files
├─ 1035 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0
--logger=files
├─ 1036 /usr/libexec/sssd/sssd_sudo --uid 0 --gid 0
--logger=files
├─ 1037 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0
--logger=files
└─ 1038 /usr/libexec/sssd/sssd_ssh --uid 0 --gid 0
--logger=files
jul 13 23:40:24 munster.belkin.home systemd[1]: Starting sssd.service -
System Security Services Daemon...
jul 13 23:40:24 munster.belkin.home sssd[971]: Starting up jul 13 23:40:24 munster.belkin.home sssd_be[1030]: Starting up jul 13 23:40:24 munster.belkin.home sssd_ssh[1038]: Starting up jul 13 23:40:24 munster.belkin.home sssd_pam[1035]: Starting up jul 13 23:40:24 munster.belkin.home sssd_sudo[1036]: Starting up jul 13 23:40:24 munster.belkin.home sssd_nss[1037]: Starting up jul 13 23:40:25 munster.belkin.home systemd[1]: Started sssd.service -
System Security Services Daemon.
jul 13 23:40:41 munster.belkin.home sssd_nss[1037]: Enumeration
requested but not enabled
But recording sessions does not work. Relevant packages:
sssd-2.7.3-1.fc36.x86_64 tlog-12-2.fc36.x86_64 fedora-release-common-36-17.noarch
Please could you help me to figure out why session recording is not
working?
Thanks in advance!
--
Sergio Belkin LPIC-2 Certified - http://www.lpi.org _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-leave@lists.fedoraproject.org Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
You should see 'tlog-rec-session' returned as the shell with (may need to expire/clear sssd cache first):
$ getent passwd -s sss myuser
Also, in recent fedora versions you would need to run:
$ authselect select sssd with-files-domain
-Justin
On Fri, Jul 15, 2022 at 11:30 AM Alexey Tikhonov atikhono@redhat.com wrote:
Hi Sergio,
`grep passwd /etc/nsswitch.conf`?
On Fri, Jul 15, 2022 at 4:27 PM Stephen Gallagher sgallagh@redhat.com wrote:
A better place for this question is the sssd-users list (which I've just CCed).
On Fri, Jul 15, 2022 at 7:24 AM Sergio Belkin sebelk@gmail.com wrote:
Hi, I've configured sssd to use session recording along with tlog but it's not working.
I don't use any domain for authentication, all users are local
This my configuration files:
**/etc/sssd/sssd.conf**
[sssd] domains = files services = pam, sudo, nss, ssh [domain/files] id_provider = files
Is the above configuration correct?
And **/etc/sssd/conf.d/sssd-session-recording.conf** :
[session_recording] scope=all exclude_users= exclude_groups=
I don't find ny errors:
[root@munster ~]# sssctl config-check Issues identified by validators: 0 Messages generated during configuration merging: 0 Used configuration snippet files: 1 /etc/sssd/conf.d/sssd-session-recording.conf [root@munster ~]# systemctl status sssd ● sssd.service - System Security Services Daemon Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2022-07-13 23:40:25 -03; 9h ago Main PID: 971 (sssd) Tasks: 6 (limit: 38124) Memory: 55.9M CPU: 2.409s CGroup: /system.slice/sssd.service ├─ 971 /usr/sbin/sssd -i --logger=files ├─ 1030 /usr/libexec/sssd/sssd_be --domain files --uid 0 --gid 0 --logger=files ├─ 1035 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0 --logger=files ├─ 1036 /usr/libexec/sssd/sssd_sudo --uid 0 --gid 0 --logger=files ├─ 1037 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=files └─ 1038 /usr/libexec/sssd/sssd_ssh --uid 0 --gid 0 --logger=files jul 13 23:40:24 munster.belkin.home systemd[1]: Starting sssd.service - System Security Services Daemon... jul 13 23:40:24 munster.belkin.home sssd[971]: Starting up jul 13 23:40:24 munster.belkin.home sssd_be[1030]: Starting up jul 13 23:40:24 munster.belkin.home sssd_ssh[1038]: Starting up jul 13 23:40:24 munster.belkin.home sssd_pam[1035]: Starting up jul 13 23:40:24 munster.belkin.home sssd_sudo[1036]: Starting up jul 13 23:40:24 munster.belkin.home sssd_nss[1037]: Starting up jul 13 23:40:25 munster.belkin.home systemd[1]: Started sssd.service - System Security Services Daemon. jul 13 23:40:41 munster.belkin.home sssd_nss[1037]: Enumeration requested but not enabled
But recording sessions does not work.
Relevant packages:
sssd-2.7.3-1.fc36.x86_64 tlog-12-2.fc36.x86_64 fedora-release-common-36-17.noarch
Please could you help me to figure out why session recording is not working?
Thanks in advance!
--
Sergio Belkin LPIC-2 Certified - http://www.lpi.org _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
sssd-users@lists.fedorahosted.org