> > Hi all, > > > > due to security contraints I am looking for a shell that logs all > > commands that are invoked by the user, in particular if the > user has > > become root. I found two (non-RedHat) > > approaches: sudosh and rootsh. Sudosh seems to be a pretty > good tool, > > unfortunately it logs also passwords in clear-text format. > Rootsh not > > only logs keystrokes but also all the output to syslogd and > fills up > > our log files . So, both tools are not suitable for us. At > the moment > > we just copy the .bash_history file if a user logs out. But this is > > not absolutely reliable. > > > > Are there any other approaches? Could someone please point me to a > > usable solution for this issue? > > > > Thanks, > > Oliver Fenker > > I've never used rootsh myself but doesn't it have an option, > --no-syslog, which prevents logging to the syslog file? You > could recompile rootsh forcing the --no-syslog option. You > can find the source code in SourceForge. > > HTH, > Michael > Actually, I quickly double-checked a suspicion I had. You can recompile the code with logging to syslog disabled. Download the source code and run the /configure command with the --disable-syslog option and then run a make. That should do it. Michael -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
