tlog icon indicating copy to clipboard operation
tlog copied to clipboard

Published 20 hours ago verified publisher icon Scribery

add a session_locking option in tlog-rec-session.conf

Open ajf8 opened this issue 3 years ago • 8 comments

this adds a option to disable locking by session id.

locking may be desirable for some users to avoid potential duplication, but for others it's a bit of a liability, in particular not recording multiplexed SSH sessions which share the same session ID.

ajf8 avatar Apr 07 '21 18:04 ajf8

Coverage Status

Coverage decreased (-0.04%) to 28.855% when pulling b4639f37f8d1b43df26ce604ecc13be5a14e0f0f on ajf8:no_locking_option into 3897015d1e00e003b593d26bbae0d8d42b74e863 on Scribery:master.

coveralls avatar Apr 07 '21 20:04 coveralls

Nice! Shouldn't this be the default since log loss is going to be the default in many (if not most) non-trivial cases?

trevor-vaughan avatar Apr 09 '21 13:04 trevor-vaughan

I'm incined to say yes it should be and happy to change it if the maintainers agree, but I appreciate it could be a major and unexpected change of behavior for some, so I didn't change the defaults. Maybe that could happen at a later time and with more consideration.

I'm happy with just having the option and changing tlog-rec-session.conf in our config management. I sed the LOCK_SESS bigflag to be zero before building tlog at present and will continue to do so, but it seems like something that should be an option.

ajf8 avatar Apr 09 '21 15:04 ajf8

Hi, this seems reasonable. On busy systems with locking disabled are you seeing an excess of duplicate recordings?

justin-stephenson avatar Apr 12 '21 20:04 justin-stephenson

I guess I look at it the other way. Would you rather lose logs or have to ramp it back if things get overwhelming?

trevor-vaughan avatar Apr 12 '21 20:04 trevor-vaughan

Hi,

No, it hasn't resulted in excessive amounts of logs or any duplication for us, just that multiplexed sessions get logged. We have tlog on bastions which are restricted to just SSH and a few other commands, and on hosts which aren't logged into often. It's fine in both of these cases.

I guess there could be duplication on a desktop / development host, if things are running your shell as defined by NSS rather than $SHELL. But we're not interested in tlog on such hosts.

Thanks,

ajf8 avatar Apr 13 '21 10:04 ajf8

@ajf8 Would you like to write a test for this in https://github.com/Scribery/tlog/blob/master/lib/tlitest/test_tlog_rec_session.py ? You'll need to add this new option https://github.com/Scribery/tlog/blob/3897015d1e00e003b593d26bbae0d8d42b74e863/lib/tlitest/config.py#L185

justin-stephenson avatar Jun 01 '21 15:06 justin-stephenson

Hi @justin-stephenson no problem, but I haven't quite got the tests working yet. I'll try to figure it out and fix them soon.

ajf8 avatar Jun 16 '21 00:06 ajf8