On 8/22/16 4:10 PM, Richard Lohman wrote:
> Hey all:
>
> In my attempts to log commands from bash via syslog, I've come upon a snag.
> The output is of the form:
> Mmm dd HH:MM:SS hostname -bash: command
> This was obtained by uncommenting the define in config-top.h and changing
> the call to syslog in bashhist.c as such:
> syslog(SYSLOG_FACILITY|SYSLOG_LEVEL, "%s", line);
>
> Problem is, I'd like the output to resemble other syslog messages:
> Mmm dd HH:MM:SS hostname bash[pid]: command
> And ultimately drop the username in as well. Since only bash is logging in
> this format, I'm guessing there is something in the bash source tree
> impacting the format, but I can't seem to find it.
Whether or not the pid is printed as part of the message (once you remove
it from the default bash syslog format string) is a property of the options
passed to openlog(). bash-4.4 has an OPENLOG_OPTS define, and a
corresponding call to openlog() that uses it, to set this. Bash-4.3
doesn't call openlog, so it uses the system's syslog defaults.
If you want to print the username instead of the uid, use
current_user.user_name instead of current_user.uid, which the original bash
syslog call uses. You've already changed the format, so you can drop
another %s in there and use current_user.user_name.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU [email protected] http://cnswww.cns.cwru.edu/~chet/
