Maybe OT, but there is software to hook exec at the system library level
and provide syslog auditing: https://github.com/renard/snoopylogger
-Jonathan Hankins
On Thu, Sep 3, 2015 at 2:43 PM, Chet Ramey wrote:
> On 9/3/15 2:43 AM, Ondrej Oprala wrote:
>
> > We have recently had a customer reques
On 9/3/15 2:43 AM, Ondrej Oprala wrote:
> We have recently had a customer request for this, and Steve Grubb corrected
> the original patch for auditing. IIRC, aureport-2.4.2 should be able to
> handle the USER_TTY
> events now. With his permission, I'm attaching the new patch.
Thanks for the upda
On 10.08.2015 22:19, Chet Ramey wrote:
On 8/9/15 1:37 PM, aixtools wrote:
Hi,
Via google I came across the define named
config-top.h:/* #define SYSLOG_HISTORY */
Changing it (manually) to
config-top.h:#define SYSLOG_HISTORY
Adds syslog statements such as:
Aug 9 16:52:55 x064 user:info syslo
On 10 Aug 2015 16:19, Chet Ramey wrote:
> On 8/9/15 1:37 PM, aixtools wrote:
> > Via google I came across the define named
> >
> > config-top.h:/* #define SYSLOG_HISTORY */
> >
> > Changing it (manually) to
> > config-top.h:#define SYSLOG_HISTORY
> >
> > Adds syslog statements such as:
> > Aug
On 2015-08-12 3:19 PM, Chet Ramey wrote:
On 8/12/15 8:09 AM, Aharon Robbins wrote:
In article,
aixtools wrote:
In short, having it included in ./configure simply give it much more
visibility - and perhaps adoption.
Personally, I think that having bash send executed commands to syslog
is an in
On 8/12/15 8:09 AM, Aharon Robbins wrote:
> In article ,
> aixtools wrote:
>> In short, having it included in ./configure simply give it much more
>> visibility - and perhaps adoption.
>
> Personally, I think that having bash send executed commands to syslog
> is an invasion of privacy; I'm sur
On 8/12/15 6:31 AM, aixtools wrote:
> In short, having it included in ./configure simply give it much more
> visibility - and perhaps adoption.
Don't assume that wide adoption of this feature is a goal.
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa,
On Wed, Aug 12, 2015 at 08:00:24AM -0500, John McKown wrote:
> Case 2: I'm running bash on my employer's system???. Do I really have an
> expectation of privacy on my employer's system? Why would I?
In some countries, yes, there is such an expectation. Logging your
employees' activities may or ma
On Wed, Aug 12, 2015 at 7:09 AM, Aharon Robbins wrote:
> In article ,
> aixtools wrote:
> >In short, having it included in ./configure simply give it much more
> >visibility - and perhaps adoption.
>
> Personally, I think that having bash send executed commands to syslog
> is an invasion of pri
In article ,
aixtools wrote:
>In short, having it included in ./configure simply give it much more
>visibility - and perhaps adoption.
Personally, I think that having bash send executed commands to syslog
is an invasion of privacy; I'm surprised such a feature is even there
at all...
My two ce
On 2015-08-10 10:19 PM, Chet Ramey wrote:
On 8/9/15 1:37 PM, aixtools wrote:
Hi,
Via google I came across the define named
config-top.h:/* #define SYSLOG_HISTORY */
Changing it (manually) to
config-top.h:#define SYSLOG_HISTORY
Adds syslog statements such as:
Aug 9 16:52:55 x064 user:info sy
On 8/9/15 1:37 PM, aixtools wrote:
> Hi,
>
> Via google I came across the define named
>
> config-top.h:/* #define SYSLOG_HISTORY */
>
> Changing it (manually) to
> config-top.h:#define SYSLOG_HISTORY
>
> Adds syslog statements such as:
> Aug 9 16:52:55 x064 user:info syslog: HISTORY: PID=2622
You can add `-DSYSLOG_HISTORY` to your CFLAGS for building.
And for formatting, apply this patch:
--- bashhist.c 2015-08-11 00:09:38.449468800 +0800
+++ bashhist.c 2015-08-11 00:09:42.970623400 +0800
@@ -713,12 +713,12 @@
char trunc[SYSLOG_MAXLEN];
if (strlen(line) < SYSLOG_MAXLEN)
-sy
Hi,
Via google I came across the define named
config-top.h:/* #define SYSLOG_HISTORY */
Changing it (manually) to
config-top.h:#define SYSLOG_HISTORY
Adds syslog statements such as:
Aug 9 16:52:55 x064 user:info syslog: HISTORY: PID=262242 UID=0 ls -ltr
Request #1
Add a ./configure variable,
14 matches
Mail list logo
