diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2005-05-04 05:28:44 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2005-05-04 05:28:44 +0000 |
| commit | 26e513f4f7e611962bfbb67769f1d7f82bd17d33 (patch) | |
| tree | 3be24567e9696803bb83417c6a465631377ed710 /app-shells/bash/files | |
| parent | add ~ia64 (diff) | |
| download | historical-26e513f4f7e611962bfbb67769f1d7f82bd17d33.tar.gz historical-26e513f4f7e611962bfbb67769f1d7f82bd17d33.tar.bz2 historical-26e513f4f7e611962bfbb67769f1d7f82bd17d33.zip | |
Add support for logging in the shell #91327 by Kevin Landreth.
Package-Manager: portage-2.0.51.21
Diffstat (limited to 'app-shells/bash/files')
| -rw-r--r-- | app-shells/bash/files/bash-3.0-bash-logger.patch | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/app-shells/bash/files/bash-3.0-bash-logger.patch b/app-shells/bash/files/bash-3.0-bash-logger.patch new file mode 100644 index 000000000000..faa825191699 --- /dev/null +++ b/app-shells/bash/files/bash-3.0-bash-logger.patch @@ -0,0 +1,90 @@ +Add support for logging bash commands via syslog(). +Useful for deploying in honeypot environments. + +http://bugs.gentoo.org/show_bug.cgi?id=91327 +http://www.nardware.co.uk/Security/html/bashlogger.htm + +--- bashhist.c ++++ bashhist.c +@@ -698,7 +698,7 @@ + char *line; + { + hist_last_line_added = 1; +- add_history (line); ++ add_history (line, 1); + history_lines_this_session++; + } + +--- lib/readline/histexpand.c ++++ lib/readline/histexpand.c +@@ -1220,9 +1220,7 @@ + + if (only_printing) + { +-#if 0 +- add_history (result); +-#endif ++ add_history (result, 1); + return (2); + } + +--- lib/readline/histfile.c ++++ lib/readline/histfile.c +@@ -262,7 +262,7 @@ + { + if (HIST_TIMESTAMP_START(line_start) == 0) + { +- add_history (line_start); ++ add_history (line_start,0); + if (last_ts) + { + add_history_time (last_ts); +--- lib/readline/history.c ++++ lib/readline/history.c +@@ -31,6 +31,8 @@ + + #include <stdio.h> + ++#include <syslog.h> ++ + #if defined (HAVE_STDLIB_H) + # include <stdlib.h> + #else +@@ -246,10 +250,24 @@ + /* Place STRING at the end of the history list. The data field + is set to NULL. */ + void +-add_history (string) +- const char *string; ++add_history (string, logme) ++ const char *string; ++ int logme; /* 0 means no sending history to syslog */ + { + HIST_ENTRY *temp; ++ if (logme) { ++ if (strlen(string)<600) { ++ syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s", ++ getpid(), getuid(), string); ++ } ++ else { ++ char trunc[600]; ++ strncpy(trunc,string,sizeof(trunc)); ++ trunc[sizeof(trunc)-1]='\0'; ++ syslog(LOG_LOCAL5, LOG_INFO, "HISTORY: PID=%d UID=%d %s(++TRUNC)", ++ getpid(), getuid(), trunc); ++ } ++ } + + if (history_stifled && (history_length == history_max_entries)) + { +--- lib/readline/history.h ++++ lib/readline/history.h +@@ -80,7 +80,7 @@ + + /* Place STRING at the end of the history list. + The associated data field (if any) is set to NULL. */ +-extern void add_history PARAMS((const char *)); ++extern void add_history PARAMS((const char *, int )); + + /* Change the timestamp associated with the most recent history entry to + STRING. */ |