From e765ee02c6d90690dffe4ec643458a5f33d63dd9 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 3 Jan 2014 18:01:08 +0100
Subject: [pam] SLX_REMOTE_LOG_SESSIONS controls whether session open/close is
 logged, anonymously logged, or not logged at all

---
 remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close | 7 ++++++-
 remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open  | 7 ++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

(limited to 'remote/modules')

diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
index 38146ac6..826e0a55 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_close
@@ -5,7 +5,12 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/o
 
 # NSA needs to know
 if [ "x$PAM_SERVICE" != "xsu" -a "x$PAM_SERVICE" != "xsudo" ]; then
-	slxlog "session-close" "$PAM_USER logged out on $PAM_TTY"
+	. /opt/openslx/config
+	if [ "x$SLX_REMOTE_LOG_SESSIONS" = "xyes" -o "x$PAM_USER" = "xroot" ]; then
+		slxlog "session-close" "$PAM_USER logged out on $PAM_TTY"
+	elif [ "x$SLX_REMOTE_LOG_SESSIONS" = "xanonymous" ]; then
+		slxlog "session-close" "User logged out on $PAM_TTY"
+	fi
 fi
 
 # do not kill all root processes :)
diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
index 4041d755..75065ec8 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
@@ -18,7 +18,12 @@ PERSISTENT_HOME_DIR="${TEMP_HOME_DIR}/PERSISTENT"
 
 # NSA needs to know
 if [ "x$PAM_SERVICE" != "xsu" -a "x$PAM_SERVICE" != "xsudo" ]; then
-	slxlog "session-open" "$PAM_USER logged in on $PAM_TTY"
+	. /opt/openslx/config
+	if [ "x$SLX_REMOTE_LOG_SESSIONS" = "xyes" -o "x$PAM_USER" = "xroot" ]; then
+		slxlog "session-open" "$PAM_USER logged in on $PAM_TTY"
+	elif [ "x$SLX_REMOTE_LOG_SESSIONS" = "xanonymous" ]; then
+		slxlog "session-open" "User logged in on $PAM_TTY"
+	fi
 fi
 
 # check if the script runs as root
-- 
cgit v1.2.3-55-g7522