name | mode | size |
---|---|---|
.editorconfig | 100644 | 0 kb |
.gitignore | 100644 | 0 kb |
.travis.yml | 100644 | 0 kb |
CODESTYLE | 100644 | 0 kb |
LICENSE | 100644 | 18 kb |
Makefile.in | 100644 | 2 kb |
README.md | 100644 | 2 kb |
TODO.md | 100644 | 0 kb |
astylerc | 100644 | 0 kb |
base32.cc | 100644 | 6 kb |
base32.h | 100644 | 1 kb |
base32_test.cc | 100644 | 3 kb |
config.h.in | 100644 | 1 kb |
configure | 100755 | 134 kb |
configure.ac | 100644 | 2 kb |
conversation.cc | 100644 | 3 kb |
conversation.h | 100644 | 1 kb |
conversation_test.cc | 100644 | 11 kb |
dual_control.cc | 100644 | 2 kb |
dual_control.h | 100644 | 2 kb |
dual_control_integrate.cc | 100644 | 2 kb |
dual_control_test.cc | 100644 | 9 kb |
dual_control_tool.cc | 100644 | 2 kb |
format.sh | 100755 | 1 kb |
generator.cc | 100644 | 4 kb |
generator.h | 100644 | 1 kb |
generator_test.cc | 100644 | 5 kb |
installer.cc | 100644 | 2 kb |
installer.h | 100644 | 1 kb |
installer_test.cc | 100644 | 6 kb |
logger.cc | 100644 | 2 kb |
logger.h | 100644 | 1 kb |
logger_test.cc | 100644 | 4 kb |
random_source.cc | 100644 | 1 kb |
random_source.h | 100644 | 1 kb |
random_source_test.cc | 100644 | 3 kb |
request.cc | 100644 | 1 kb |
request.h | 100644 | 1 kb |
request_test.cc | 100644 | 2 kb |
session.cc | 100644 | 1 kb |
session.h | 100644 | 1 kb |
session_test.cc | 100644 | 1 kb |
sys_fstream.cc | 100644 | 1 kb |
sys_fstream.h | 100644 | 2 kb |
sys_pam.cc | 100644 | 1 kb |
sys_pam.h | 100644 | 1 kb |
sys_pwd.cc | 100644 | 1 kb |
sys_pwd.h | 100644 | 1 kb |
sys_stdlib.cc | 100644 | 1 kb |
sys_stdlib.h | 100644 | 1 kb |
sys_syslog.cc | 100644 | 1 kb |
sys_syslog.h | 100644 | 1 kb |
sys_time.cc | 100644 | 1 kb |
sys_time.h | 100644 | 1 kb |
sys_unistd.cc | 100644 | 1 kb |
sys_unistd.h | 100644 | 1 kb |
system.cc | 100644 | 1 kb |
system.h | 100644 | 1 kb |
system_test.cc | 100644 | 1 kb |
test_util.h | 100644 | 2 kb |
token.cc | 100644 | 3 kb |
token.h | 100644 | 2 kb |
token_test.cc | 100644 | 10 kb |
trace.h | 100644 | 0 kb |
typealiases.h | 100644 | 0 kb |
user.cc | 100644 | 2 kb |
user.h | 100644 | 2 kb |
user_test.cc | 100644 | 6 kb |
validator.cc | 100644 | 2 kb |
validator.h | 100644 | 2 kb |
validator_test.cc | 100644 | 5 kb |
watch.sh | 100755 | 0 kb |
[![Build Status](https://travis-ci.org/cjdev/dual-control.svg?branch=master)](https://travis-ci.org/cjdev/dual-control)
# Dual Control
Dual Control is a PAM module that requires a user to enter a token generated by
another user (the authorizer) before being granted access to a resource. The module
also requires the user to state the reason for the access request and, via `syslog`,
records this information for later audit.
At **CJ Engineering**, we will be deploying Dual Control on our production
boxes so that a single engineer cannot use `sudo` to gain access to application
roles without meeting the requirements stated above.
Dual Control is an open source project licensed under the
[GNU General Public License](https://github.com/cjdev/dual-control/blob/master/LICENSE).
As it stands, Dual Control is written only for machines running Linux. However,
we gladly welcome contributions, particularly those related to portability
to other operating systems.
## Status
This project is in active development. The current version uses a permanent
(static) token and so is not meant for production use: a token that never changes
can be reused by anyone who has seen it once. The final version will use a
time-based OTP.
## Install
- Obtain and install the RPM:
  - build it yourself using the code in https://github.com/cjdev/dual-control-rpm, or
  - get it from a developer
- Edit `/etc/pam.d/sudo` (this is for CentOS 7; other distributions may differ)
  and replace the existing `auth` lines with:
```
#%PAM-1.0
# auth include system-auth
auth required pam_env.so
auth required pam_unix.so
auth sufficient pam_dual_control.so
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
auth required pam_deny.so
account include system-auth
password include system-auth
session optional pam_keyinit.so revoke
session required pam_limits.so
```
Keep a separate root shell open while editing this file and confirm that `sudo`
still works before closing it; a mistake in `/etc/pam.d/sudo` can lock you out of
`sudo` entirely. In this stack the password is checked first by `pam_unix.so`
(`required`, so its failure cannot be overridden by later lines). `pam_dual_control.so`
is `sufficient`: when the dual control token is accepted the stack returns success
immediately; when it is rejected, processing falls through to `pam_succeed_if.so`
and `pam_deny.so`, which deny the request.
## Add a dual control token
From the authorizer's account, in the authorizer's home directory, run `dual_control`.
The resulting token is what the authorizer gives to another user to authorize that
user's request.
## Use
- log in as a test user that has `sudo` ability (not the vagrant account, which is
  too powerful)
- type `sudo bash`
- enter your password
- enter the dual control token in the form `<authorizer username>:<authorizer token>`,
  i.e. the authorizer's username, a `:`, and the token the authorizer generated
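The check that the steps above exercise, modelled as an added example. This is not the module's own code (the real module lives in `dual_control.cc` and its companions and prompts through PAM); the in-memory token store, the sample tokens `ABCDEF123456` and `ZYXWVU987654`, the user names and every function name here (`check_dual_control`, `audit_record`, `constant_time_equal`, ...) are assumptions made for illustration. It goes slightly beyond the bullet list by also rejecting a requester who names themselves as the authorizer, and by keeping the detailed failure reason in the audit line rather than in what the user sees.

```cpp
// Added example (not the dual-control module's own code): the requester
// answers the prompt with "authorizer:token"; the answer is split, checked
// against the authorizer's token on file, and the outcome is rendered as
// an audit line. Store, tokens and names below are assumptions.
#include <cstddef>
#include <iostream>
#include <map>
#include <string>

enum class DualControlResult {
    Authorized,
    MalformedAnswer,    // no ':' separator, or empty authorizer/token part
    SelfAuthorization,  // requester named themselves as the authorizer
    UnknownAuthorizer,  // no token on file for that authorizer
    WrongToken
};

// Assumed stand-in for the per-authorizer token store; the real module's
// storage layout is not modelled here.
using TokenStore = std::map<std::string, std::string>;

// Constructed sample data; these are not real tokens.
TokenStore sample_store() {
    return {{"alice", "ABCDEF123456"}, {"bob", "ZYXWVU987654"}};
}

// Compare two tokens in time that does not depend on where they first
// differ, so a wrong guess does not leak how many leading characters
// matched. Length is checked up front; tokens are fixed-length, so the
// length itself is not secret.
bool constant_time_equal(const std::string &a, const std::string &b) {
    if (a.size() != b.size()) return false;
    unsigned char diff = 0;
    for (std::size_t i = 0; i < a.size(); ++i)
        diff |= static_cast<unsigned char>(a[i] ^ b[i]);
    return diff == 0;
}

// Split "authorizer:token" at the first ':'. Both parts must be non-empty.
bool parse_answer(const std::string &answer, std::string &authorizer,
                  std::string &token) {
    std::string::size_type colon = answer.find(':');
    if (colon == std::string::npos) return false;
    authorizer = answer.substr(0, colon);
    token = answer.substr(colon + 1);
    return !authorizer.empty() && !token.empty();
}

DualControlResult check_dual_control(const std::string &requester,
                                     const std::string &answer,
                                     const TokenStore &store) {
    std::string authorizer, token;
    if (!parse_answer(answer, authorizer, token))
        return DualControlResult::MalformedAnswer;
    // "From another user": a requester may not authorize their own request.
    if (authorizer == requester)
        return DualControlResult::SelfAuthorization;
    TokenStore::const_iterator it = store.find(authorizer);
    if (it == store.end())
        return DualControlResult::UnknownAuthorizer;
    if (!constant_time_equal(it->second, token))
        return DualControlResult::WrongToken;
    return DualControlResult::Authorized;
}

const char *result_name(DualControlResult r) {
    switch (r) {
    case DualControlResult::Authorized:        return "authorized";
    case DualControlResult::MalformedAnswer:   return "malformed-answer";
    case DualControlResult::SelfAuthorization: return "self-authorization";
    case DualControlResult::UnknownAuthorizer: return "unknown-authorizer";
    case DualControlResult::WrongToken:        return "wrong-token";
    }
    return "unknown";
}

// One audit line in the spirit of the README's syslog record. The detailed
// failure reason belongs here, not in the prompt: telling the requester
// "unknown authorizer" vs "wrong token" would reveal which users hold tokens.
std::string audit_record(const std::string &requester, const std::string &answer,
                         const std::string &reason, DualControlResult r) {
    std::string authorizer, token;
    if (!parse_answer(answer, authorizer, token)) authorizer = "?";
    return "dual_control: requester=" + requester + " authorizer=" + authorizer +
           " result=" + std::string(result_name(r)) + " reason=\"" + reason + "\"";
}

int main() {
    TokenStore store = sample_store();
    const std::string answer = "alice:ABCDEF123456";
    DualControlResult r = check_dual_control("carol", answer, store);
    std::cout << audit_record("carol", answer, "rotate app credentials", r) << std::endl;
    return r == DualControlResult::Authorized ? 0 : 1;
}
```

The user-facing outcome should collapse every non-`Authorized` result into a single generic failure; only the audit line carries the distinction.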
## Build and test
- `./configure`
- `make`
- `make test`