You should see 'tlog-rec-session' returned as the shell with (may need
to expire/clear sssd cache first):
$ getent passwd -s sss myuser
Also, in recent fedora versions you would need to run:
$ authselect select sssd with-files-domain
-Justin
On Fri, Jul 15, 2022 at 11:30 AM Alexey Tikhonov <atikhono(a)redhat.com> wrote:
Hi Sergio,
`grep passwd /etc/nsswitch.conf`?
On Fri, Jul 15, 2022 at 4:27 PM Stephen Gallagher <sgallagh(a)redhat.com> wrote:
>
> A better place for this question is the sssd-users list (which I've just CCed).
>
> On Fri, Jul 15, 2022 at 7:24 AM Sergio Belkin <sebelk(a)gmail.com> wrote:
> >
> > Hi, I've configured sssd to use session recording along with tlog but
it's not working.
> >
> > I don't use any domain for authentication, all users are local
> >
> > This my configuration files:
> >
> > **/etc/sssd/sssd.conf**
> > ```
> > [sssd]
> > domains = files
> > services = pam, sudo, nss, ssh
> >
> > [domain/files]
> > id_provider = files
> > ```
> >
> > Is the above configuration correct?
> >
> > And **/etc/sssd/conf.d/sssd-session-recording.conf** :
> >
> > ```
> > [session_recording]
> > scope=all
> > exclude_users=
> > exclude_groups=
> > ```
> > I don't find ny errors:
> >
> > ```
> > [root@munster ~]# sssctl config-check
> > Issues identified by validators: 0
> >
> > Messages generated during configuration merging: 0
> >
> > Used configuration snippet files: 1
> > /etc/sssd/conf.d/sssd-session-recording.conf
> > [root@munster ~]# systemctl status sssd
> > ● sssd.service - System Security Services Daemon
> > Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor
preset: enabled)
> > Active: active (running) since Wed 2022-07-13 23:40:25 -03; 9h ago
> > Main PID: 971 (sssd)
> > Tasks: 6 (limit: 38124)
> > Memory: 55.9M
> > CPU: 2.409s
> > CGroup: /system.slice/sssd.service
> > ├─ 971 /usr/sbin/sssd -i --logger=files
> > ├─ 1030 /usr/libexec/sssd/sssd_be --domain files --uid 0 --gid 0
--logger=files
> > ├─ 1035 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0 --logger=files
> > ├─ 1036 /usr/libexec/sssd/sssd_sudo --uid 0 --gid 0 --logger=files
> > ├─ 1037 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=files
> > └─ 1038 /usr/libexec/sssd/sssd_ssh --uid 0 --gid 0 --logger=files
> >
> > jul 13 23:40:24 munster.belkin.home systemd[1]: Starting sssd.service - System
Security Services Daemon...
> > jul 13 23:40:24 munster.belkin.home sssd[971]: Starting up
> > jul 13 23:40:24 munster.belkin.home sssd_be[1030]: Starting up
> > jul 13 23:40:24 munster.belkin.home sssd_ssh[1038]: Starting up
> > jul 13 23:40:24 munster.belkin.home sssd_pam[1035]: Starting up
> > jul 13 23:40:24 munster.belkin.home sssd_sudo[1036]: Starting up
> > jul 13 23:40:24 munster.belkin.home sssd_nss[1037]: Starting up
> > jul 13 23:40:25 munster.belkin.home systemd[1]: Started sssd.service - System
Security Services Daemon.
> > jul 13 23:40:41 munster.belkin.home sssd_nss[1037]: Enumeration requested but
not enabled
> > ```
> >
> > But recording sessions does not work.
> >
> > Relevant packages:
> >
> > ```
> > sssd-2.7.3-1.fc36.x86_64
> > tlog-12-2.fc36.x86_64
> > fedora-release-common-36-17.noarch
> > ```
> >
> > Please could you help me to figure out why session recording is not working?
> >
> > Thanks in advance!
> >
> > --
> > --
> > Sergio Belkin
> > LPIC-2 Certified -
http://www.lpi.org
> > _______________________________________________
> > devel mailing list -- devel(a)lists.fedoraproject.org
> > To unsubscribe send an email to devel-leave(a)lists.fedoraproject.org
> > Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> > List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
> > Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
> _______________________________________________
> sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
> To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...
> Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure