Posted by irenefm on Thu 11 Jan 2007 at 15:29
I have set up a network with centralized user authentication through LDAP and access to home directories with NFS. I would now like to monitor user's connection time and usage, but across the network, rather than on a per-machine basis.
They are Debian Sarge systems, with GNOME desktops, and users login through gdm. The server is also Debian Sarge, with OpenLDAP.
On a single machine, I would use acct, but haven't found any equivalent for this purpose on a network basis, Does anyone know if there is such a package?
Since I couldn't find a package, I have been trying my own solutions, based on the idea of having common utmp and wtmp files accessible to all machines, in which they would write accounting information.
I have implemented this as follows:
However, I have come across some problems:
How to include information in the common wtmp and utmp files about which machine the user was actually on: when two users logged in to ':0' display, the first one is thought to have logged off, since two users cannot be logged in there at the same time.
I fixed this by modifying the sessreg command again, changing the display entry to ':0.machinename' which doesn't seem very elegant...
PID problems: I would like to get information about users currently logged in, but if I try to do this from a "control machine", the users appear to be "gone --no logout". I believe this is because the PID that wrote the entry to the wtmp and utmp files is not there (it is in another machine).
Only way I found to solve this was logging in to each machine and invoking acct commands from each one (so that the PID is found).
PID problems: Keeping two parallel accountings: Individual machines, and global across the network.
My first thought was it would be good to keep machine based accounting intact, and add the global accounting through different files. However, the only way I found of adding a sessreg entry to the /etc/X11/gdm/PreSession/Default, and avoid PID problems like the above, was using an "exec sessreg..." call, so that I could only include one sessreg command. (The script exits after that).
Found no solution to that so far.
In short, I'm not very happy about this setup, and wonder if anyone knows of a better answer, some way of merging the individual wtmp and utmp files, or an acct alternative for a "multi-machine" context.
Thanks for your help!
This article can be found online at the Debian Administration website at the following bookmarkable URL:
This article is copyright 2007 irenefm - please ask for permission to republish or translate.