Re: root shell auditing
- From: Hari Sekhon <hpsekhon@xxxxxxxxxxxxxx>
- Date: Thu, 31 Jul 2008 09:54:56 +0100
TJ Easter wrote:
Mars,Awesome, so I should just spawn zsh or tcsh ... to work around this? ;-)
Not sure if it's an exact fit, but I put together a small patch
against bash 3.x a while back for someone that logs all commands to
syslog. It hooks the commands as they're being logged into bash's
history buffer, so a (remote) syslog can capture commands in real
time.
I don't recall what all it logged. I believe UID, $PWD, and
command. Timestamp came from syslog.
Let me know if you're interested, I'll dig around for the .diff
and send it to you.
-h
--
Hari Sekhon
- Prev by Date: Re: root shell auditing
- Next by Date: RE: root shell auditing
- Previous by thread: Re: root shell auditing
- Next by thread: RE: root shell auditing
- Index(es):
Relevant Pages
|
