SUDOSCRIPTD(8)           User Contributed Perl Documentation           SUDOSCRIPTD(8)
2004-11-22                            perl v5.8.0

NAME

sudoscriptd - logging daemons for sudoshell(1)

SYNOPSIS

sudoscriptd [-d|--datefmt long|short|sortable]

VERSION

This manpage documents version 2.1.2 of sudoscriptd.

DESCRIPTION

sudoscriptd is a daemon for logging output from sudoshell(1). Used with that script, it provides an audit trail for shells run under sudo(8).

README

When sudoscriptd starts, it creates a named pipe (FIFO) in a spool area: the rendezvous FIFO. It then forks a log management daemon that opens a second FIFO, the merge FIFO, and waits for someone to write to it. Each sudoshell session then goes through the following steps:

1.  A new sudoshell writes the name of the user who ran it (from SUDO_UID) and its own PID to the rendezvous FIFO, then pauses waiting for a signal.

2.  sudoscriptd forks a session logger with the information given by sudoshell. The logger opens yet another FIFO, the session FIFO, whose name is derived from the username and PID, and then sends the signal that sudoshell is waiting for.

3.  sudoshell runs script(1) on the session FIFO.

4.  The logger takes the output thus produced, tags it with a session ID, and writes it to the log management daemon's (remember him?) merge FIFO.

5.  The log management daemon tags the data with a datestamp and writes it to the log file. It also manages the logs so they don't overflow the logging partition.

6.  When the user ends her script(1) session, sudoshell tells the front end daemon that it is done. The daemon signals the session logger to wrap up its work, which it does by deleting the session FIFO and exiting.

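The handshake above, re-enacted as an added example in Python. This is not sudoscript's own code (the real daemons are Perl, see Sudoscript(3pm)): the forked child stands in for sudoshell(1) and script(1), the parent for sudoscriptd, the session logger and the log management daemon, with the merge FIFO between the last two collapsed into a list. The "start"/"done" message layout, the "[user:pid]" session ID, the FIFO modes and the spool paths under a temporary directory are assumptions. The datestamp() function implements the three --datefmt layouts documented under SWITCHES, with the day and month names hard-coded in American English.

```python
# Added example, not sudoscript's own code: a minimal re-enactment of the
# rendezvous / session / merge FIFO handshake.  The forked child stands in
# for sudoshell(1) and script(1); the parent stands in for sudoscriptd, the
# per-session logger and the log-management daemon.  Message layout,
# session-ID format, FIFO modes and spool paths are assumptions.
import os
import signal
import tempfile
import time

DAYS = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"]
MONTHS = ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"]
# Constructed timestamp for the reader's own checks: Mon 2004-11-22 14:03:07.
DEMO_TIME = time.struct_time((2004, 11, 22, 14, 3, 7, 0, 327, 0))


def datestamp(fmt, t):
    """The three --datefmt layouts from SWITCHES.  Names are hard-coded
    American English, mirroring the non-locale-aware original."""
    if fmt == "sortable":
        return "%04d%02d%02d%02d%02d%02d" % tuple(t[:6])
    base = "%s %s %02d %02d:%02d:%02d" % (DAYS[t.tm_wday], MONTHS[t.tm_mon - 1],
                                          t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec)
    if fmt == "short":
        return base
    if fmt == "long":
        return "%s %s %04d" % (base, time.strftime("%Z", t), t.tm_year)
    raise ValueError("unknown --datefmt %r" % fmt)


def sudoshell_child(rendezvous, spool, user, commands):
    """Stand-in for sudoshell: announce (user, pid), wait for SIGUSR1, feed a
    fake typescript into the session FIFO, report completion, exit."""
    # Block SIGUSR1 *before* announcing ourselves: sigwait() returns at once
    # if the signal is already pending, whereas a bare pause() would sleep
    # forever if the daemon were quick enough to signal first.
    signal.pthread_sigmask(signal.SIG_BLOCK, {signal.SIGUSR1})
    front = os.open(rendezvous, os.O_WRONLY)      # blocks until the daemon reads
    pid = os.getpid()
    os.write(front, ("start %s %d\n" % (user, pid)).encode())
    signal.sigwait({signal.SIGUSR1})              # the logger's go-ahead
    session = os.path.join(spool, "ssd%s%d" % (user, pid))
    with os.fdopen(os.open(session, os.O_WRONLY), "w") as out:
        for cmd in commands:                      # what script(1) would capture
            out.write("$ %s\n" % cmd)
    os.write(front, ("done %d\n" % pid).encode())
    os.close(front)
    os._exit(0)


def run_session(user, commands, datefmt="short"):
    """Stand-in for sudoscriptd plus its logger and log-management daemon.
    Returns the tagged lines that would be appended to the log file."""
    spool = tempfile.mkdtemp(prefix="sudoscript-demo-")
    rendezvous = os.path.join(spool, "rendezvous")
    # Whoever can open this FIFO for writing can announce a bogus session or
    # inject bogus output, which is the point made under IS THIS SECURE?
    os.mkfifo(rendezvous, 0o600)
    child = os.fork()
    if child == 0:
        sudoshell_child(rendezvous, spool, user, commands)   # never returns
    log = []
    with open(rendezvous) as front:               # blocks until sudoshell connects
        _, who, pid = front.readline().split()    # "start <user> <pid>"
        pid = int(pid)
        session = os.path.join(spool, "ssd%s%d" % (who, pid))
        os.mkfifo(session, 0o600)                 # the logger's session FIFO ...
        os.kill(pid, signal.SIGUSR1)              # ... then release sudoshell
        with open(session) as typescript:         # blocks until output starts
            for line in typescript:               # EOF once sudoshell closes its end
                tagged = "[%s:%d] %s" % (who, pid, line.rstrip("\n"))      # logger
                stamp = datestamp(datefmt, time.localtime())               # log daemon
                log.append("%s %s" % (stamp, tagged))
        front.readline()                          # "done <pid>": time to wrap up
    os.unlink(session)                            # the logger deletes its FIFO
    os.waitpid(child, 0)
    os.unlink(rendezvous)
    os.rmdir(spool)
    return log


if __name__ == "__main__":
    for entry in run_session("alice", ["id", "cat /etc/shadow"], "sortable"):
        print(entry)
```

Running it prints the tagged, datestamped lines for a two-command session. The one design point worth noting is that the child blocks SIGUSR1 and uses sigwait() rather than pause(): any announce-then-wait design has a window in which the go-ahead signal can arrive before the waiter is waiting, and sigwait() closes it. Whether sudoshell itself guards that window is not something this page says.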
CONFIGURATION

sudoshell uses sudo(8) to perform all its authentication and privilege escalation. The sudoshell user must therefore be in the sudoers file (see sudoers(5)) with an entry that allows running sudoshell as the desired user. See the SUDOCONFIG file in the distribution for details. (On Linux, this will be in /usr/share/doc/sudoscript-VERSION. Everywhere else, it's in /usr/local/doc/sudoscript-VERSION.)

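An illustrative sudoers(5) entry for that requirement, added here and not taken from SUDOCONFIG. The user name, the host list and the installed path of sudoshell are assumptions; SUDOCONFIG in the distribution has the entry it actually expects.

```sudoers
# Let alice start sudoshell as root on any host.  sudo still authenticates
# her and logs the invocation; sudoscriptd then logs what happens inside the
# shell.  Grant only the sudoshell command, not ALL, or the audit trail can be
# bypassed simply by running something else under sudo.
alice   ALL = (root) /usr/local/bin/sudoshell
```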
IS THIS SECURE?

In a word, no. Giving a user a root shell is a bad idea if you don't trust him or her. There are countless ways to evade the audit trail provided by sudoscript, even without root privilege. Let me highlight the last part of that sentence: even without root privilege! (Think about the implications of the fact that a user must have write access to the logging FIFO to see what I mean.) That means you can't rely on this tool to maintain security for you.

So, what good is sudoscript? It's useful in at least two environments. First, you trust your users, but need a record of what they do for auditing purposes. Second, you may or may not trust your users, but they have successfully agitated for a root (or other) shell. Sudoscript then provides an audit trail as long as your users don't try to evade it.

See the file SECURITY (in the same place as SUDOCONFIG, above) for more on sudoscript's security assumptions.

SWITCHES

One optional switch, --datefmt, is accepted by sudoscriptd. It controls the format of the datestamps in the log file. Three values are available.

long
    Selects a long date format of 'wdy mon dd hh:mm:ss ZZZ YYYY', where 'wdy' is the weekday name, 'mon' is the three letter month name, 'dd' is the day of the month, 'hh:mm:ss' is the local time, 'ZZZ' is the local time zone name and 'YYYY' is the four digit year.

short
    Selects a shorter date format of 'wdy mon dd hh:mm:ss'. This is just the long format with the time zone and year removed. short is the default if no --datefmt is given.

sortable
    Selects a compressed and numerically sortable format of 'yyyymmddhhmmss'.

FILES

The front end FIFO is /var/run/sudocript/rendezvous. The backend FIFO is /var/run/sudocript/merge. These two are semi-permanent. The session FIFOs are named /var/run/sudocript/ssd{username}{pid}; they go away once the session closes.

The log file is /var/log/sudoscript. When the backend daemon rotates the log, it forks a compressor that creates files called /var/log/sudoscript.{n}.gz, where {n} runs from one to ten. sudoscriptd stores its PID in /var/run/sudoscriptd.pid.

BUGS

The script(1) output is pretty ugly. All control characters are preserved exactly as typed or, worse, as displayed by curses based console apps like vi. The content of such logs can look completely unintelligible unless it is cleaned up first. A shell script from the "Unix Power Tools" book that uses sed(1) to do a first pass over such logs is available at <ftp://ftp.oreilly.com/pub/examples/power_tools/unix/split/script.tidy>. I considered building something like that into sudoscriptd, but rejected it for two reasons. First, the daemon needs to get back to reading the FIFO as quickly as possible to avoid losing data to an over-full buffer. Second, any cleanup of the logs would remove information, which could be bad if I were over-zealous in my clean up. As it stands, you can run your own clean up on the log data without destroying the original log.

The datestamp() routine is not locale aware and returns American English values.

SEE ALSO

sudoscript(8), sudoshell(1), Sudoscript(3pm), sudo(8), sudoers(5)

PREREQUISITES

sudo - <http://www.courtesan.com/sudo/index.html>

OSNAMES

Solaris, Linux, FreeBSD, OpenBSD, HP-UX

SCRIPT CATEGORIES

UNIX/System_administration

CONTRIBUTORS

The following people offered helpful advice and/or code (addresses are spam-obfuscated):

Dan Rich (drich@emplNOoyeeSPAMs.org)
Alex Griffiths (dag@unifiedNOcomputingSPAM.com)
Bruce Gray (bruce.gray@aNOcSPAMm.org)
Chan Wilson (cwilson@coNrOp.sSgPi.cAoMm)
Tommy Smith (tsNmOith@eSaPtAeMl.net)
Donny Jekels (donny@jNOeSkPeAlMs.com)

AUTHOR

Howard Owen, <hbo@egbok.com>

COPYRIGHT AND LICENSE

Copyright 2002,2003 by Howard Owen

sudoscript is free software; you can redistribute it and/or modify it under the same terms as Perl itself.