Hello,
Bash history is logged to syslog if SYSLOG_HISTORY macro is defined in
config-top.h. There is no option to enable/disable it at runtime. I am adding a
shell option 'syshist' that can be used to configure logging bash history to
syslog at runtime.
--
--
Siteshwar Vashisht
From c6ec0d751ded75188f64d1d1ac9916c44153c305 Mon Sep 17 00:00:00 2001
From: Siteshwar Vashisht <svashi...@redhat.com>
Date: Tue, 24 Jan 2017 17:28:14 +0100
Subject: [PATCH] Make syslog history configurable
---
bashhist.c | 3 ++-
builtins/set.def | 9 +++++++++
config-top.h | 4 ++--
flags.c | 7 +++++++
flags.h | 4 ++++
5 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/bashhist.c b/bashhist.c
index 9979f99..e6127c8 100644
--- a/bashhist.c
+++ b/bashhist.c
@@ -851,7 +851,8 @@ bash_add_history (line)
really_add_history (line);
#if defined (SYSLOG_HISTORY)
- bash_syslog_history (line);
+ if (syslog_history)
+ bash_syslog_history (line);
#endif
using_history ();
diff --git a/builtins/set.def b/builtins/set.def
index 8122361..718ba39 100644
--- a/builtins/set.def
+++ b/builtins/set.def
@@ -116,6 +116,9 @@ Options:
operation differs from the Posix standard to
match the standard
privileged same as -p
+#if defined (SYSLOG_HISTORY)
+ syshist same as -S
+#endif
verbose same as -v
#if defined (READLINE)
vi use a vi-style line editing interface
@@ -141,6 +144,9 @@ Options:
#endif /* BANG_HISTORY */
-P If set, do not resolve symbolic links when executing commands
such as cd which change the current directory.
+#if defined (SYSLOG_HISTORY)
+ -S If set, log history to syslog
+#endif
-T If set, the DEBUG and RETURN traps are inherited by shell functions.
-- Assign any remaining arguments to the positional parameters.
If there are no remaining arguments, the positional parameters
@@ -231,6 +237,9 @@ const struct {
{ "pipefail", '\0', &pipefail_opt, (setopt_set_func_t *)NULL, (setopt_get_func_t *)NULL },
{ "posix", '\0', &posixly_correct, set_posix_mode, (setopt_get_func_t *)NULL },
{ "privileged", 'p', (int *)NULL, (setopt_set_func_t *)NULL, (setopt_get_func_t *)NULL },
+#if defined (SYSLOG_HISTORY)
+ { "syshist", 'S', (int *)NULL, (setopt_set_func_t *)NULL, (setopt_get_func_t *)NULL },
+#endif
{ "verbose", 'v', (int *)NULL, (setopt_set_func_t *)NULL, (setopt_get_func_t *)NULL },
#if defined (READLINE)
{ "vi", '\0', (int *)NULL, set_edit_mode, get_edit_mode },
diff --git a/config-top.h b/config-top.h
index cb0e002..ae8d124 100644
--- a/config-top.h
+++ b/config-top.h
@@ -114,8 +114,8 @@
/* #define NOTFOUND_HOOK "command_not_found_handle" */
/* Define if you want each line saved to the history list in bashhist.c:
- bash_add_history() to be sent to syslog(). */
-/* #define SYSLOG_HISTORY */
+ If syshist shell option is set, bash_add_history() to be sent to syslog(). */
+#define SYSLOG_HISTORY
#if defined (SYSLOG_HISTORY)
# define SYSLOG_FACILITY LOG_USER
# define SYSLOG_LEVEL LOG_INFO
diff --git a/flags.c b/flags.c
index 4b94fb0..cc16221 100644
--- a/flags.c
+++ b/flags.c
@@ -137,6 +137,10 @@ int history_expansion = 1;
# endif
#endif /* BANG_HISTORY */
+#if defined (SYSLOG_HISTORY)
+int syslog_history = 0;
+#endif
+
/* Non-zero means that we allow comments to appear in interactive commands. */
int interactive_comments = 1;
@@ -215,6 +219,9 @@ const struct flags_alist shell_flags[] = {
#endif /* BANG_HISTORY */
{ 'I', &no_invisible_vars },
{ 'P', &no_symbolic_links },
+#if defined (SYSLOG_HISTORY)
+ { 'S', &syslog_history},
+#endif /* SYSLOG_HISTORY */
{ 'T', &function_trace_mode },
{0, (int *)NULL}
};
diff --git a/flags.h b/flags.h
index d5ed334..7fe25d5 100644
--- a/flags.h
+++ b/flags.h
@@ -62,6 +62,10 @@ extern int brace_expansion;
extern int history_expansion;
#endif /* BANG_HISTORY */
+#if defined (SYSLOG_HISTORY)
+extern int syslog_history;
+#endif
+
#if defined (RESTRICTED_SHELL)
extern int restricted;
extern int restricted_shell;
--
2.9.3
