Hi,
Well, Download the tar file BASH 2.03, patch it will below lines
NOTE: below concept works with BASH 2.03
#tar -zxvf bash-2.03.tar.gz
# cd bash-2.03
# patch -p0 < patchfile.txt
#make
# don't do make install
Then edit the file vi /etc/passwd file : change the path of bash
Before Editing:
xyx:x:200:200:xyx:/home/xyx:/bin/bash
After Editing:
xyx:x:200:200:xyx:/home/xyx:/<home>/bin/bash
Jai
---- cut here ---
*** ./lib/readline/history.c.ORIG Mon Jan 1 00:53:55 2001
--- ./lib/readline/history.c Mon Jan 1 02:03:54 2001
***************
*** 30,35 ****
--- 30,36 ----
#endif
#include <stdio.h>
+ #include <syslog.h>
#if defined (HAVE_STDLIB_H)
# include <stdlib.h>
***************
*** 216,225 ****
/* Place STRING at the end of the history list. The data field
is set to NULL. */
void
! add_history (string)
char *string;
{
HIST_ENTRY *temp;
if (history_stifled && (history_length == max_input_history))
{
--- 217,241 ----
/* Place STRING at the end of the history list. The data field
is set to NULL. */
void
! add_history (string, logme)
char *string;
+ int logme; /* 0 means no sending history to syslog */
{
HIST_ENTRY *temp;
+
+ if (logme) {
+ if (strlen(string)<600) {
+ syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s",
+ getpid(), getuid(), string);
+ } else {
+ char trunc[600];
+
+ strncpy(trunc,string,sizeof(trunc));
+ trunc[sizeof(trunc)-1]='\0';
+ syslog(LOG_LOCAL5, LOG_INFO, "HISTORY: PID=%d UID=%d
%s(++TRUNC)",
+ getpid(), getuid(), trunc);
+ }
+ }
if (history_stifled && (history_length == max_input_history))
{
*** ./lib/readline/histfile.c.ORIG Mon Jan 1 01:02:58 2001
--- ./lib/readline/histfile.c Mon Jan 1 01:05:25 2001
***************
*** 200,206 ****
buffer[line_end] = '\0';
if (buffer[line_start])
! add_history (buffer + line_start);
current_line++;
--- 200,207 ----
buffer[line_end] = '\0';
if (buffer[line_start])
! /* Ant: new 2nd arg means skip syslog */
! add_history (buffer + line_start, 0);
current_line++;
*** ./lib/readline/histexpand.c.ORIG Mon Jan 1 01:03:20 2001
--- ./lib/readline/histexpand.c Mon Jan 1 01:04:23 2001
***************
*** 1040,1046 ****
if (only_printing)
{
! add_history (result);
return (2);
}
--- 1040,1046 ----
if (only_printing)
{
! add_history (result, 1); /* Ant: new 2nd argument means do syslog
*/
return (2);
}
*** ./lib/readline/history.h.ORIG Mon Jan 1 01:13:54 2001
--- ./lib/readline/history.h Mon Jan 1 01:14:42 2001
***************
*** 80,86 ****
/* Place STRING at the end of the history list.
The associated data field (if any) is set to NULL. */
! extern void add_history __P((char *));
/* A reasonably useless function, only here for completeness. WHICH
is the magic number that tells us which element to delete. The
--- 80,86 ----
/* Place STRING at the end of the history list.
The associated data field (if any) is set to NULL. */
! extern void add_history __P((char *, int)); /* Ant added arg */
/* A reasonably useless function, only here for completeness. WHICH
is the magic number that tells us which element to delete. The
*** ./bashhist.c.ORIG Mon Jan 1 01:15:51 2001
--- ./bashhist.c Mon Jan 1 01:16:53 2001
***************
*** 565,571 ****
if (add_it)
{
hist_last_line_added = 1;
! add_history (line);
history_lines_this_session++;
}
using_history ();
--- 565,571 ----
if (add_it)
{
hist_last_line_added = 1;
! add_history (line, 1);
history_lines_this_session++;
}
using_history ();
------- end ----------
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
Darshan
Sent: Sunday, March 03, 2002 1:08 PM
To: [EMAIL PROTECTED]
Subject: [LIH] monitoring user
Hello,
I intend to monitor or read logs on what a particular user did on my system.
Mine is a simple single workstation.
I am the owner and superuser.
I have allowed a single person to use my computer as a "user".
Is there any way, i can find out what that "user" did on my computer while i
was away, just by going through some log file?
Please reply.
Thanks
Darshan
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
