On 01/10/2014 04:16 AM, Bryan Harris wrote: > Hello, > > I'm wondering if it is possible to use selinux network & process labeling, iptables, and something like /usr/bin/script to create an environment where we can enforce session recording for ssh sessions. > > We will soon have a requirement to record our actions on customer environments, but at the same time we also need to block users who have not activated the recording. Is selinux policy an appropriate way to accomplish these requirements? I'd like to search for the details and learn more, but if I'm taking the wrong approach I'd like to know that before starting out. > > Any guidance is greatly appreciated. Thanks in advance. I think linux-audit is where you want to be, https://www.redhat.com/mailman/listinfo/linux-audit _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
