Bug#901438: bash: enable compile-time syslog shopt

Wed, 13 Jun 2018 03:45:22 -0700 

Package: bash
Version: 5.0~alpha1-1
Severity: wishlist
Tags: patch

Dear Maintainer,

bash 5.0 introduced a new build-time config-top.h option to allow users
to optionally enable sending the bash history to syslog via a new shopt
variable.
Given it's generally undesirable on user's machines, even if compiled
in the feature is off by default at runtime. It can be checked
trivially with "shopt -p | grep syslog".

But this feature is often necessary and required on mission critical
equipment due to auditing rules&regulations. For example in my case, to
use vanilla Debian on servers inside a large ISP we need this option.
Given Debian aims to be a Universal Operating System, it would be
really great if such option were available without having to rebuild
bash manually. :-)

Please consider the inlined diff for the deb-bash-config.diff patch,
that will build the support but of course will leave it disabled by
default. I have tested it and it works as expected.

Thank you!

-- 
Kind regards,
Luca Boccassi

--- debian/patches/deb-bash-config.diff
+++ debian/patches/deb-bash-config.diff
@@ -14,6 +14,10 @@
 # DP: 
 # DP: - don't define a default DEFAULT_MAIL_DIRECTORY, because it
 # DP:   can cause a timeout on NFS mounts.
+# DP: 
+# DP: - build with runtime option to enable sending history to syslog
+# DP:   and disable it by default. Can be enabled by a user with
+# DP:   shopt -s syslog_history
 
 Index: b/config-bot.h
 ===================================================================
@@ -54,3 +58,21 @@
  
  /* Define if you want the case-capitalizing operators (~[~]) and the
     `capcase' variable attribute (declare -c). */
+@@ -117,7 +117,7 @@
+ 
+ /* Define if you want each line saved to the history list in bashhist.c:
+    bash_add_history() to be sent to syslog(). */
+-/* #define SYSLOG_HISTORY */
++#define SYSLOG_HISTORY
+ #if defined (SYSLOG_HISTORY)
+ #  define SYSLOG_FACILITY LOG_USER
+ #  define SYSLOG_LEVEL LOG_INFO
+@@ -128,7 +128,7 @@
+    shell option; if defined, the value is the default for the syslog_history
+    shopt option */
+ #if defined (SYSLOG_HISTORY)
+-/* #define SYSLOG_SHOPT 1 */
++#  define SYSLOG_SHOPT 0
+ #endif
+ 
+ /* Define if you want to include code in shell.c to support wordexp(3) */

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to