I had a Centos 8 installation with a working session logging setup (sssd, tlog). On any ssh login to the server the session was logged and sent to a syslog server. All the logins are local logins (/etc/passwd) and there is no ldap or other remote service for auth. I upgraded the server to Centos stream 8 and now the session logging does not start when i login via ssh. Some facts:
- the /usr/bin/tlog-rec-session when invoked manually, it does the job and logs the session.
- In /etc/sssd/sssd.conf I have the directives:
[session_recording] scope = all
Session logging does not start. I don't really know what was the mechanism that started session logging before.
Any pointers on where to look for the problem?