tcsh: Log all commands to syslog
On a server requirements are that all commands issued by root or using sudo must be sent to syslog, with real user's name (PCI requirement).
For the standard shell (bash) this is not a problem, simply added this line to /root/.bashrc: Code:
PROMPT_COMMAND='history -a >(tee -a ~/.bash_history | logger -t "$USER[$$] $SUDO_USER[$$] $SSH_CONNECTION")' I've tried to use 'precmd' in /root/.cshrc but it fails to log anything. The closest I got is Code:
alias precmd tee -a ~/.history | logger -t "$USER[$$] $SUDO_USER[$$]" Putting single quote around the command almost works - when logging in it's like command waiting to finish, if I press <enter> I get a line in /var/log/messages - so it obviously logs to syslog! (And I've tried all 3 single quotes). But then, the prompt just hangs, like with a not completed command. Setting the command between parenteses I get "Badly placed ()'s" And tcsh cannot be removed (required by subversion and some other apps we simply must have). Server is running OpenSuse 12.1. Any ideas? |
Quote:
Quote:
|
All times are GMT -5. The time now is 01:50 PM. |