Re: Syslog output from bash

2016-08-23 Thread Richard Lohman
That was exactly it. I kept thinking of openlog as opening a pointer to a
file.

Thanks, all, for your insights.

On Aug 23, 2016 9:44 AM, "Chet Ramey"  wrote:

> On 8/22/16 4:10 PM, Richard Lohman wrote:
> > Hey all:
> >
> > In my attempts to log commands from bash via syslog, I've come upon a snag.
> > The output is of the form:
> > Mmm dd HH:MM:SS hostname -bash: command
> > This was obtained by uncommenting the define in config-top.h and changing
> > the call to syslog in bashhist.c as such:
> > syslog(SYSLOG_FACILITY|SYSLOG_LEVEL, "%s", line);
> >
> > Problem is, I'd like the output to resemble other syslog messages:
> >   Mmm dd HH:MM:SS hostname bash[pid]: command
> > And ultimately drop the username in as well. Since only bash is logging in
> > this format, I'm guessing there is something in the bash source tree
> > impacting the format, but I can't seem to find it.
>
> Whether or not the pid is printed as part of the message (once you remove
> it from the default bash syslog format string) is a property of the options
> passed to openlog().  bash-4.4 has an OPENLOG_OPTS define, and a
> corresponding call to openlog() that uses it, to set this.  Bash-4.3
> doesn't call openlog, so it uses the system's syslog defaults.
>
> If you want to print the username instead of the uid, use
> current_user.user_name instead of current_user.uid, which the original bash
> syslog call uses.  You've already changed the format, so you can drop
> another %s in there and use current_user.user_name.
>
> Chet
> --
> ``The lyf so short, the craft so long to lerne.'' - Chaucer
>  ``Ars longa, vita brevis'' - Hippocrates
> Chet Ramey, UTech, CWRU    c...@case.edu    http://cnswww.cns.cwru.edu/~chet/
>


Re: Syslog output from bash

2016-08-23 Thread Chet Ramey
On 8/22/16 4:10 PM, Richard Lohman wrote:
> Hey all:
> 
> In my attempts to log commands from bash via syslog, I've come upon a snag.
> The output is of the form:
> Mmm dd HH:MM:SS hostname -bash: command
> This was obtained by uncommenting the define in config-top.h and changing
> the call to syslog in bashhist.c as such:
> syslog(SYSLOG_FACILITY|SYSLOG_LEVEL, "%s", line);
> 
> Problem is, I'd like the output to resemble other syslog messages:
>   Mmm dd HH:MM:SS hostname bash[pid]: command
> And ultimately drop the username in as well. Since only bash is logging in
> this format, I'm guessing there is something in the bash source tree
> impacting the format, but I can't seem to find it.

Whether or not the pid is printed as part of the message (once you remove
it from the default bash syslog format string) is a property of the options
passed to openlog().  bash-4.4 has an OPENLOG_OPTS define, and a
corresponding call to openlog() that uses it, to set this.  Bash-4.3
doesn't call openlog, so it uses the system's syslog defaults.

If you want to print the username instead of the uid, use
current_user.user_name instead of current_user.uid, which the original bash
syslog call uses.  You've already changed the format, so you can drop
another %s in there and use current_user.user_name.

Chet
-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    c...@case.edu    http://cnswww.cns.cwru.edu/~chet/
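
The openlog() behaviour described in the reply above, as an added example (not bash's own code and not part of the original message): passing LOG_PID to openlog() yields the "ident[pid]:" prefix, and the username is placed in the message body. The EX_* macros and both function names are assumptions made for this sketch; bash's real defines live in config-top.h.

```c
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <syslog.h>
#include <unistd.h>

/* Assumed values for this example only. */
#define EX_FACILITY LOG_USER
#define EX_LEVEL    LOG_INFO
#define EX_OPTS     LOG_PID   /* makes syslog emit "ident[pid]:" */

/* Build "user: command" in buf; fall back to "uid=N" when the passwd
   lookup fails. Returns the length snprintf wanted to write. */
int format_history_msg(char *buf, size_t len, uid_t uid, const char *line)
{
    struct passwd *pw = getpwuid(uid);

    if (pw)
        return snprintf(buf, len, "%s: %s", pw->pw_name, line);
    return snprintf(buf, len, "uid=%lu: %s", (unsigned long)uid, line);
}

/* Log one command line so it appears as "ident[pid]: user: command". */
int log_command(const char *ident, const char *line)
{
    char msg[1024];
    int n = format_history_msg(msg, sizeof msg, geteuid(), line);

    openlog(ident, EX_OPTS, EX_FACILITY);
    /* "%s" keeps the command text out of the format string. */
    syslog(EX_FACILITY | EX_LEVEL, "%s", msg);
    closelog();
    return n;
}

int main(void)
{
    /* Constructed sample command line. */
    return log_command("bash", "ls -l /tmp") > 0 ? 0 : 1;
}
```

Without a prior openlog() call, syslog() falls back to the system defaults for the ident and options, which is the bash-4.3 situation described in the reply.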



Re: Syslog output from bash

2016-08-23 Thread Piotr Grzybowski

On 23 Aug 2016, at 08:08, Bob Proulx wrote:

> Richard Lohman wrote:
>> Problem is, I'd like the output to resemble other syslog messages:
>>  Mmm dd HH:MM:SS hostname bash[pid]: command
>> And ultimately drop the username in as well. Since only bash is logging in
> 
> I suggest using the 'logger' command instead of modifying bash [..]

 That's one way to do it.
 For me, the most natural solution was a log builtin:

https://lists.gnu.org/archive/html/bug-bash/2015-12/msg00088.html

 I kind of wanted to add log --syslog there anyway. Now I am not sure how 
useful it can be.
 Sorry for artificially raising my own citation ranking ;-)

cheers,
pg





Re: Syslog output from bash

2016-08-23 Thread Bob Proulx
Richard Lohman wrote:
> Problem is, I'd like the output to resemble other syslog messages:
>   Mmm dd HH:MM:SS hostname bash[pid]: command
> And ultimately drop the username in as well. Since only bash is logging in

I suggest using the 'logger' command instead of modifying bash.

Normally I am doing things like this:

  logger -t cmdname "my log message here"

But you can get the format you wish with:

  logger -t "cmdname[$$]" "your log message here"

Bob



Syslog output from bash

2016-08-22 Thread Richard Lohman
Hey all:

In my attempts to log commands from bash via syslog, I've come upon a snag.
The output is of the form:
Mmm dd HH:MM:SS hostname -bash: command
This was obtained by uncommenting the define in config-top.h and changing
the call to syslog in bashhist.c as such:
syslog(SYSLOG_FACILITY|SYSLOG_LEVEL, "%s", line);

Problem is, I'd like the output to resemble other syslog messages:
  Mmm dd HH:MM:SS hostname bash[pid]: command
And ultimately drop the username in as well. Since only bash is logging in
this format, I'm guessing there is something in the bash source tree
impacting the format, but I can't seem to find it.

As far as the user name, I cobbled a bit of code that will get this for me:

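#include <sys/types.h>
#include <pwd.h>
#include <unistd.h>

register struct passwd *pw;
register uid_t uid;

uid = geteuid();        /* effective uid of the shell */
pw = getpwuid(uid);     /* look up the passwd entry for that uid */
if (pw) {
    return (pw->pw_name);
} else {
    /* handle the error... */
}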

This works to obtain the username, but seems a little heavy-handed. Is
there something more expedient, by chance?

Thanks in advance,
Rich