sudosh2

sudosh is a sudo shell and filter, and can be used as a login shell.

  • License: Open Software License
  • Price: FREE
  • Publisher Name: Douglas Richard Hanks, Jr. and Josh Grebe

sudosh2 Description

sudosh is a sudo shell and filter, and can be used as a login shell. It records all keystrokes and output and can play back the session. sudosh2 is a continuation of the development of sudosh.

sudosh was designed specifically to be used in conjunction with sudo or by itself as a login shell. sudosh allows the execution of a root shell with logging. Every command the user types within the root shell is logged, as well as the output.

How is this different than "sudo -s" or "sudo /bin/sh"?

Using "sudo -s" or other methods doesn't log commands typed to syslog. Generally the commands are logged to a file such as .sh_history, and if you use a shell such as csh that doesn't support command-line logging you're out of luck.

sudosh fills this gap. No matter what shell you use, all of the command lines are logged to syslog (including vi keystrokes).

Installation:

Compile sudosh.

1) ./configure
2) make
3) make install
4) sudosh -i

Configure sudosh to be used with sudo

1) Configure /etc/sudoers to allow system administrators to execute /usr/local/bin/sudosh

Example entry to /etc/sudoers:

-- /etc/sudoers begin --
User_Alias ADMINS=admin1,admin2,admin3
User_Alias DBAS=dba1,dba2,dba3
Cmnd_Alias SUDOSH=/usr/local/bin/sudosh
ADMINS ALL=SUDOSH
DBAS ALL=(oracle)/usr/local/bin/sudosh
-- /etc/sudoers end --

2) Use it.
3) Look at the results with the sudosh-replay command.

Example usage to get ROOT ACCESS:

-- example usage begin --
# Get access to root
dhanks@linux:~> sudo sudosh
Password:
starting session for dhanks as root,/dev/tty3 (/bin/bash) (root-1108447320)
linux:~ # id
uid=0(root) gid=0(root) groups=0(root)
linux:~ # exit
exit
dhanks@linux:~>
-- example usage end --

Example usage to get ORACLE ACCESS:

-- example usage begin --
# Get access to oracle
dhanks@linux:~> sudo -u oracle sudosh
Password:
starting session for dhanks as oracle,/dev/tty3 (/bin/bash) (oracle-1108447391)
oracle@linux:~> id
uid=1001(oracle) gid=100(users) groups=100(users)
oracle@linux:~> exit
dhanks@linux:~>
-- example usage end --

Configure sudosh to be used as a login shell

1) Set the default shell to be used as a login shell. If you do not change the default value, /bin/sh will be used. Use the --with-defshell option to configure to set this value.
2) If your system supports /etc/shells, add the absolute path to sudosh to the list.
3) Edit /etc/passwd and set the user's shell to the absolute path of sudosh (generally /usr/local/bin/sudosh unless you change the --prefix).

How To Replay Sessions

Use the "sudosh-replay" command to replay previous root sessions. To see a list of available sessions, execute "sudosh-replay" by itself.

-- example begin --
linux:~ # sudosh-replay
Sessions stored in /var/log/sudosh:
dhanks 1 session Wed Oct 20 18:39:00 2004 (ID dhanks-1098322740)
Usage: sudosh-replay ID
Example: sudosh-replay dhanks-1098322740 1 2
linux:~ #
-- example end --

As we can see, there is 1 session available to view on my system at the time of writing this documentation.

Use the ID to specify which session you wish to replay. The ID is located in the brackets after the date string. In this case our ID is "dhanks-1098322740".

To view this session just as the user typed it, execute

    sudosh-replay dhanks-1098322740

To output only the session data and ignore the timing information, set the multiplier to 0:

    sudosh-replay dhanks-1098322740 0

The multiplier also works to speed up the session. If you wish to speed up the session 2x, use a multiplier of 2:

    sudosh-replay dhanks-1098322740 2

If you have people that type slowly, or if a user goes away from the keyboard, you don't want to sit there and wait for the output. Instead, set the MAXWAIT variable. It's set to 1 by default.

    sudosh-replay dhanks-1098322740 2 .5

What's New in This Release:

· This release fixes all reported bugs (which were all reported against the parent project, sudosh).
· This increases compatibility with several non-glibc systems.
· A new config option was added to allow you to retain your environment into your new shell should you so choose.
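The comparison with "sudo -s" above implies that sudosh logging only helps if /etc/sudoers offers no other route to a shell. The following check is an added example, not part of sudosh2 or its documentation: it reads sudoers text and separates grants of the page's /usr/local/bin/sudosh from grants of ALL or a raw shell. The shell list, the ops1/ops2 rules and the line-oriented parsing are assumptions; it does not handle includes, line continuations or negation.

```python
import re

SUDOSH = "/usr/local/bin/sudosh"   # install path used on the page
SHELLS = {"/bin/sh", "/bin/bash", "/bin/csh", "/bin/ksh", "/bin/zsh"}  # assumed list
# Constructed sample: the page's entries plus two hypothetical bypass rules.
SAMPLE = """\
User_Alias ADMINS=admin1,admin2,admin3
User_Alias DBAS=dba1,dba2,dba3
Cmnd_Alias SUDOSH=/usr/local/bin/sudosh
Cmnd_Alias RAWSHELLS=/bin/sh, /bin/bash
ADMINS ALL=SUDOSH
DBAS ALL=(oracle)/usr/local/bin/sudosh
ops1 ALL=(ALL) NOPASSWD: ALL
ops2 ALL=RAWSHELLS, /usr/bin/uptime
"""
ALIAS = re.compile(r"^(\w+)_Alias\s+(\w+)\s*=\s*(.*)$")
RULE = re.compile(r"^(\S+)\s+([^=\s]+)\s*=\s*(.*)$")

def commands(spec, aliases):
    """Yield each command of a rule, runas/tags stripped and Cmnd_Alias expanded."""
    for item in spec.split(","):
        item = re.sub(r"^\s*(\([^)]*\))?\s*(\w+:\s*)*", "", item).strip()
        if item in aliases:
            yield from commands(aliases[item], aliases)
        elif item:
            yield item

def audit(text):
    """Split sudoers grants into sudosh (logged) and ALL/raw shell (unlogged)."""
    aliases, rules = {}, []
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith(("#", "Defaults")):
            continue
        if m := ALIAS.match(line):
            if m.group(1) == "Cmnd":
                aliases[m.group(2)] = m.group(3)
        elif m := RULE.match(line):
            rules.append((m.group(1), m.group(3)))
    report = {"logged": [], "unlogged": []}
    for who, spec in rules:  # after the loop, so aliases defined later still expand
        for cmd in commands(spec, aliases):
            if cmd == "ALL" or cmd.split()[0] in SHELLS:
                report["unlogged"].append((who, cmd))
            elif cmd == SUDOSH:
                report["logged"].append(who)
    return report

if __name__ == "__main__":
    print(audit(SAMPLE))
```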

