path: root/modules/pam_tty_audit/README
diff options
Diffstat (limited to 'modules/pam_tty_audit/README')
1 files changed, 9 insertions, 1 deletions
diff --git a/modules/pam_tty_audit/README b/modules/pam_tty_audit/README
index f769f533..dd18da72 100644
--- a/modules/pam_tty_audit/README
+++ b/modules/pam_tty_audit/README
@@ -27,6 +27,13 @@ open_only
closing the session. Using this option is necessary for some services that
don't fork() to run the authenticated session, such as sudo.
+ Log keystrokes when ECHO mode is off but ICANON mode is active. This is the
+ mode in which the tty is placed during password entry. By default,
+ passwords are not logged. This option may not be available on older kernels
+ (3.9?).
When TTY auditing is enabled, it is inherited by all processes started by that
@@ -47,5 +54,6 @@ session required disable=* enable=root
-pam_tty_audit was written by Miloslav Trmač <>.
+pam_tty_audit was written by Miloslav Trmač <>. The log_passwd
+option was added by Richard Guy Briggs <>.