gentoo-overlay/app-shells/bash/files/bash-3.1-bash-logger.patch


Add support for logging bash commands via syslog().
Useful for deploying in honeypot environments.
http://bugs.gentoo.org/91327
http://www.nardware.co.uk/Security/html/bashlogger.htm
--- bashhist.c
+++ bashhist.c
@@ -705,7 +705,7 @@
{
hist_last_line_added = 1;
hist_last_line_pushed = 0;
- add_history (line);
+ add_history (line, 1);
history_lines_this_session++;
}
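Review bot: The bare `1` passed to `add_history` here is what switches syslog logging on for interactive commands, and nothing at the call says so; a comment such as `/* logme=1: also send this line to syslog */` would make that visible. Because the hook sits on the history path, a line is logged only if it reaches this call, so whatever conditions guard the enclosing block (which starts outside the hunk) also decide what the log contains. For honeypot or audit use, the output should be read as a record of what entered history, not of everything the shell executed.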
--- lib/readline/histexpand.c
+++ lib/readline/histexpand.c
@@ -1222,9 +1222,7 @@
if (only_printing)
{
-#if 0
- add_history (result);
-#endif
+ add_history (result, 1);
return (2);
}
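Review bot: Re-enabling the call that was compiled out with `#if 0` changes the history list in the print-only branch, not just the logging. If the caller already records print-only expansions when this function returns 2 (not visible here), the entry and its syslog line would both appear twice. It would be safer to leave the `#if 0` in place and log `result` from this branch without adding it to history, for example by moving the syslog block out of `add_history` into a small helper that both places call. The enclosing function starts and ends outside the hunk.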
--- lib/readline/histfile.c
+++ lib/readline/histfile.c
@@ -262,7 +262,7 @@
{
if (HIST_TIMESTAMP_START(line_start) == 0)
{
- add_history (line_start);
+ add_history (line_start, 0);
if (last_ts)
{
add_history_time (last_ts);
--- lib/readline/history.c
+++ lib/readline/history.c
@@ -31,6 +31,8 @@
#include <stdio.h>
+#include <syslog.h>
+
#if defined (HAVE_STDLIB_H)
# include <stdlib.h>
#else
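Review bot: Only `<syslog.h>` is added here, but the logging code later in this file also calls `strlen`, `memcpy`, `getpid` and `getuid`. Whether `<string.h>` and `<unistd.h>` already reach this file through its other includes is not visible in the hunk; if they do not, those calls rely on implicit declarations. The surrounding includes are guarded by `HAVE_*` checks while this one is unconditional, so a comment such as `/* bash-logger: syslog(3) is required unconditionally by this patch */` would document the new hard dependency.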
@@ -246,10 +250,23 @@
/* Place STRING at the end of the history list. The data field
is set to NULL. */
void
-add_history (string)
- const char *string;
+add_history (string, logme)
+ const char *string;
+ int logme; /* 0 means no sending history to syslog */
{
HIST_ENTRY *temp;
+ if (logme) {
+ char trunc[600]; /* arbitrary max size of 600 bytes */
+ if (strlen(string) < sizeof(trunc)) {
+ syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s",
+ getpid(), getuid(), string);
+ } else {
+ memcpy(trunc, string, sizeof(trunc));
+ trunc[sizeof(trunc) - 1] = '\0';
+ syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s(++TRUNC)",
+ getpid(), getuid(), trunc);
+ }
+ }
if (history_stifled && (history_length == history_max_entries))
{
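Review bot: `string` is passed to `syslog()` byte-for-byte, so a command line containing newlines or other control bytes can split one record into several, or make part of it look like a separate `HISTORY:` entry, depending on how the syslog daemon handles such bytes. I would copy into `trunc` in a single bounded loop that replaces control bytes, which also merges the two branches into one `syslog()` call. `getpid()` and `getuid()` are printed with `%d` without a cast, which is only correct where `pid_t` and `uid_t` are `int`. The log will hold whatever users type, including credentials given on a command line, so the LOCAL5 destination should be readable by administrators only. The body of `add_history` continues outside the hunk.

```c
  if (logme) {
    char trunc[600];   /* arbitrary max size of 600 bytes */
    size_t i;
    int cut;

    /* Copy at most sizeof(trunc)-1 bytes and neutralise control bytes so
       one command cannot span or imitate several syslog records. */
    for (i = 0; string[i] != '\0' && i < sizeof(trunc) - 1; i++) {
      unsigned char c = (unsigned char) string[i];
      trunc[i] = (c < 0x20 || c == 0x7f) ? '?' : (char) c;
    }
    trunc[i] = '\0';
    cut = (string[i] != '\0');

    syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s%s",
           (int) getpid(), (int) getuid(), trunc, cut ? "(++TRUNC)" : "");
  }
  /* … unchanged: history_stifled handling and the rest of add_history … */
```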
--- lib/readline/history.h
+++ lib/readline/history.h
@@ -80,7 +80,7 @@
/* Place STRING at the end of the history list.
The associated data field (if any) is set to NULL. */
-extern void add_history PARAMS((const char *));
+extern void add_history PARAMS((const char *, int ));
/* Change the timestamp associated with the most recent history entry to
STRING. */
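Review bot: This changes the arity of `add_history`, a public readline entry point, in the library's exported header, and the comment above the prototype does not mention the new argument. Any caller this patch does not update would pass no `logme`, and the K&R-style definition in history.c would then read an indeterminate value for it. If bash is configured to link an installed readline instead of this bundled copy (the build configuration is not shown on the page), the patched function is not the one that runs and logging would be silently absent. I would extend the comment, e.g. `/* LOGME non-zero also sends STRING to syslog (bash-logger patch). */`, and confirm that the build uses the bundled library.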