[pam] SLX_REMOTE_LOG_SESSIONS controls whether session open/close is logged, anonymously logged, or not logged at all

2 files changed, 12 insertions, 2 deletions

diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
index 38146ac6..826e0a55 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
@@ -5,7 +5,12 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/o
 
 # NSA needs to know
 if [ "x$PAM_SERVICE" != "xsu" -a "x$PAM_SERVICE" != "xsudo" ]; then
-	slxlog "session-close" "$PAM_USER logged out on $PAM_TTY"
+	. /opt/openslx/config
+	if [ "x$SLX_REMOTE_LOG_SESSIONS" = "xyes" -o "x$PAM_USER" = "xroot" ]; then
+		slxlog "session-close" "$PAM_USER logged out on $PAM_TTY"
+	elif [ "x$SLX_REMOTE_LOG_SESSIONS" = "xanonymous" ]; then
+		slxlog "session-close" "User logged out on $PAM_TTY"
+	fi
 fi
 
 # do not kill all root processes :)
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
index 4041d755..75065ec8 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
@@ -18,7 +18,12 @@ PERSISTENT_HOME_DIR="${TEMP_HOME_DIR}/PERSISTENT"
 
 # NSA needs to know
 if [ "x$PAM_SERVICE" != "xsu" -a "x$PAM_SERVICE" != "xsudo" ]; then
-	slxlog "session-open" "$PAM_USER logged in on $PAM_TTY"
+	. /opt/openslx/config
+	if [ "x$SLX_REMOTE_LOG_SESSIONS" = "xyes" -o "x$PAM_USER" = "xroot" ]; then
+		slxlog "session-open" "$PAM_USER logged in on $PAM_TTY"
+	elif [ "x$SLX_REMOTE_LOG_SESSIONS" = "xanonymous" ]; then
+		slxlog "session-open" "User logged in on $PAM_TTY"
+	fi
 fi
 
 # check if the script runs as root