> Hi all, > > due to security contraints I am looking for a shell that logs > all commands that are invoked by the user, in particular if > the user has become root. I found two (non-RedHat) > approaches: sudosh and rootsh. Sudosh seems to be a pretty > good tool, unfortunately it logs also passwords in clear-text > format. Rootsh not only logs keystrokes but also all the > output to syslogd and fills up our log files . So, both tools > are not suitable for us. At the moment we just copy the > .bash_history file if a user logs out. But this is not > absolutely reliable. > > Are there any other approaches? Could someone please point me > to a usable solution for this issue? > > Thanks, > Oliver Fenker I've never used rootsh myself but doesn't it have an option, --no-syslog, which prevents logging to the syslog file? You could recompile rootsh forcing the --no-syslog option. You can find the source code in SourceForge. HTH, Michael -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
