Re: Feature Request re: syslog and bashhist

2015-09-03 Thread Chet Ramey
On 9/3/15 2:43 AM, Ondrej Oprala wrote: > We have recently had a customer request for this, and Steve Grubb corrected > the original patch for auditing. IIRC, aureport-2.4.2 should be able to > handle the USER_TTY > events now. With his permission, I'm attaching the new patch. Thanks for the

Re: Feature Request re: syslog and bashhist

2015-09-03 Thread Ondrej Oprala
On 10.08.2015 22:19, Chet Ramey wrote: On 8/9/15 1:37 PM, aixtools wrote: Hi, Via google I came across the define named config-top.h:/* #define SYSLOG_HISTORY */ Changing it (manually) to config-top.h:#define SYSLOG_HISTORY Adds syslog statements such as: Aug 9 16:52:55 x064 user:info

Re: Feature Request re: syslog and bashhist

2015-09-03 Thread Hankins, Jonathan
Maybe OT, but there is software to hook exec at the system library level and provide syslog auditing: https://github.com/renard/snoopylogger -Jonathan Hankins On Thu, Sep 3, 2015 at 2:43 PM, Chet Ramey wrote: > On 9/3/15 2:43 AM, Ondrej Oprala wrote: > > > We have recently

Re: Feature Request re: syslog and bashhist

2015-08-13 Thread Mike Frysinger
On 10 Aug 2015 16:19, Chet Ramey wrote: On 8/9/15 1:37 PM, aixtools wrote: Via google I came across the define named config-top.h:/* #define SYSLOG_HISTORY */ Changing it (manually) to config-top.h:#define SYSLOG_HISTORY Adds syslog statements such as: Aug 9 16:52:55 x064

Re: Feature Request re: syslog and bashhist

2015-08-12 Thread aixtools
On 2015-08-10 10:19 PM, Chet Ramey wrote: On 8/9/15 1:37 PM, aixtools wrote: Hi, Via google I came across the define named config-top.h:/* #define SYSLOG_HISTORY */ Changing it (manually) to config-top.h:#define SYSLOG_HISTORY Adds syslog statements such as: Aug 9 16:52:55 x064 user:info

Re: Feature Request re: syslog and bashhist

2015-08-12 Thread John McKown
On Wed, Aug 12, 2015 at 7:09 AM, Aharon Robbins arn...@skeeve.com wrote: In article mailman.8184.1439375524.904.bug-b...@gnu.org, aixtools aixto...@gmail.com wrote: In short, having it included in ./configure simply give it much more visibility - and perhaps adoption. Personally, I think

Re: Feature Request re: syslog and bashhist

2015-08-12 Thread Greg Wooledge
On Wed, Aug 12, 2015 at 08:00:24AM -0500, John McKown wrote: Case 2: I'm running bash on my employer's system???. Do I really have an expectation of privacy on my employer's system? Why would I? In some countries, yes, there is such an expectation. Logging your employees' activities may or may

Re: Feature Request re: syslog and bashhist

2015-08-12 Thread Aharon Robbins
In article mailman.8184.1439375524.904.bug-b...@gnu.org, aixtools aixto...@gmail.com wrote: In short, having it included in ./configure simply give it much more visibility - and perhaps adoption. Personally, I think that having bash send executed commands to syslog is an invasion of privacy;

Re: Feature Request re: syslog and bashhist

2015-08-12 Thread Chet Ramey
On 8/12/15 8:09 AM, Aharon Robbins wrote: In article mailman.8184.1439375524.904.bug-b...@gnu.org, aixtools aixto...@gmail.com wrote: In short, having it included in ./configure simply give it much more visibility - and perhaps adoption. Personally, I think that having bash send executed

Re: Feature Request re: syslog and bashhist

2015-08-12 Thread Chet Ramey
On 8/12/15 6:31 AM, aixtools wrote: In short, having it included in ./configure simply give it much more visibility - and perhaps adoption. Don't assume that wide adoption of this feature is a goal. -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa,

Re: Feature Request re: syslog and bashhist

2015-08-12 Thread aixtools
On 2015-08-12 3:19 PM, Chet Ramey wrote: On 8/12/15 8:09 AM, Aharon Robbins wrote: In articlemailman.8184.1439375524.904.bug-b...@gnu.org, aixtoolsaixto...@gmail.com wrote: In short, having it included in ./configure simply give it much more visibility - and perhaps adoption. Personally, I

RE: Feature Request re: syslog and bashhist

2015-08-10 Thread Arthur200000
You can add `-DSYSLOG_HISTORY` to your CFLAGS for building. And for formatting, apply this patch: --- bashhist.c 2015-08-11 00:09:38.449468800 +0800 +++ bashhist.c 2015-08-11 00:09:42.970623400 +0800 @@ -713,12 +713,12 @@ char trunc[SYSLOG_MAXLEN]; if (strlen(line) SYSLOG_MAXLEN) -

Re: Feature Request re: syslog and bashhist

2015-08-10 Thread Chet Ramey
On 8/9/15 1:37 PM, aixtools wrote: Hi, Via google I came across the define named config-top.h:/* #define SYSLOG_HISTORY */ Changing it (manually) to config-top.h:#define SYSLOG_HISTORY Adds syslog statements such as: Aug 9 16:52:55 x064 user:info syslog: HISTORY: PID=262242 UID=0

Feature Request re: syslog and bashhist

2015-08-09 Thread aixtools
Hi, Via google I came across the define named config-top.h:/* #define SYSLOG_HISTORY */ Changing it (manually) to config-top.h:#define SYSLOG_HISTORY Adds syslog statements such as: Aug 9 16:52:55 x064 user:info syslog: HISTORY: PID=262242 UID=0 ls -ltr Request #1 Add a ./configure