From owner-freebsd-questions@FreeBSD.ORG Thu Dec 6 20:20:23 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id F3BA5C6E for ; Thu, 6 Dec 2012 20:20:22 +0000 (UTC) (envelope-from prvs=680cec957=pschmehl_lists@tx.rr.com) Received: from ip-001.utdallas.edu (ip-001.utdallas.edu [129.110.20.107]) by mx1.freebsd.org (Postfix) with ESMTP id BB7BB8FC08 for ; Thu, 6 Dec 2012 20:20:22 +0000 (UTC) X-Group: None X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AvAEAJv8wFCBbgogTmdsb2JhbABEvkUDAQFugh4BAQU4Aj8QCxguQxQGARKIEMJtjDmDYmEDiF+JcZcM X-IronPort-AV: E=Sophos;i="4.84,232,1355119200"; d="scan'208";a="113910142" Received: from zxtm01.utdallas.edu (HELO utd71538.utdallas.edu) ([129.110.10.32]) by ip-001.utdallas.edu with ESMTP/TLS/DHE-RSA-AES256-SHA; 06 Dec 2012 14:20:15 -0600 Date: Thu, 06 Dec 2012 14:20:13 -0600 From: Paul Schmehl To: tundra@tundraware.com, n j Subject: Re: Somewhat OT: Is Full Command Logging Possible? Message-ID: <6A61448BD1FE69ED206EB42E@utd71538.campus.ad.utdallas.edu> In-Reply-To: <50C0EFA4.3010902@tundraware.com> References: <50BFD674.8000305@tundraware.com> <8BFA2629-45CA-491B-9BA8-E8AC78A4D66E@my.gd> <50BFDCFD.4010108@tundraware.com> <50C0EFA4.3010902@tundraware.com> X-Mailer: Mulberry/4.1.0a1 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline; size=1058 Cc: FreeBSD Mailing List X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Paul Schmehl List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Dec 2012 20:20:23 -0000 --On December 6, 2012 1:19:00 PM -0600 Tim Daneliuk wrote: > > I understand this. Even the organization in question understands > this. They are not trying to *prevent* any kind of access. All > they're trying to do *log* it. Why? To meet some obscure > compliance requirement they have to adhere to in order to > remain in business. > > > I know all of this is silly but that's our future when you > let Our Fine Government regulate pretty much anything. > > I sent this last night, but for some reason it never showed up. /usr/ports/security/sudoscript I believe this will meet your requirements. -- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. ******************************************* "It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead." Thomas Jefferson "There are some ideas so wrong that only a very intelligent person could believe in them." George Orwell