Open deepskyblue86 opened 2 years ago
I was setting up some auditing for ssm sessions, and I noticed ssm-session-worker doesn't set loginuid. pstree:
|-amazon-ssm-agen,838 | |-ssm-agent-worke,898 | | |-ssm-session-wor,18199 <redacted> | | | |-sh,18212
loginuid:
$ cat /proc/838/loginuid ; echo 4294967295 $ cat /proc/898/loginuid ; echo 4294967295 $ cat /proc/18199/loginuid ; echo 4294967295
On the other hand, with ssh I have: pstree:
|-sshd,709 | `-sshd,17277 | `-sshd,17281 | `-bash,17282
$ cat /proc/709/loginuid ; echo 4294967295 $ cat /proc/17277/loginuid ; echo 1000 $ cat /proc/17281/loginuid ; echo 1000
I would expect ssm-session-worker to have loginuid set to ssm-user uid.
ssm-session-worker
I was setting up some auditing for ssm sessions, and I noticed ssm-session-worker doesn't set loginuid. pstree:
loginuid:
On the other hand, with ssh I have: pstree:
loginuid:
I would expect
ssm-session-worker
to have loginuid set to ssm-user uid.