Session Recording using tlog

calendar Dec 8, 2019 · 1 min read · ansible redhat role sssd session recording  ·
Share on: linkedin copy

Contents

The posts and videos showing how to configure session recording on RHEL based systems that I've seen, all rely on cockpit and web based configuration.

This post will explain how to configure session recording via configuration files only, allowing you to automate it. There's also a link to a simple ansible role which will complete these tasks for you.

First we need to install sssd and tlog.

1dnf install sssd tlog

We need to configure the sssd conf file. It may or may not be already present.

If it is present, ensure that there is a [domain/something] section and that the [sssd] section includes the correct domain and services.

An example /etc/sssd/sssd.conf file:

1# This file should be mode 0600
2[domain/local]
3id_provider = files
4
5[sssd]
6domains = local
7services = nss, pam, ssh, sudo

We need to configure a session recording file:

1# This file should be mode 0600
2[session_recording]
3scope = all
4# You can also specify users or groups to record:
5# users = example1, example2
6# groups = examples

Restart sssd then login: systemctl restart sssd

References

All of the above in an ansible role: session-recording

Session recording configuration using cockpit: Redhat Session Recording