On Monday, December 07, 2015 01:29:54 PM Frank Cox
wrote:> Benjamin Smith wrote:
> > Is it possible to use 'script' command that records what
happens in a
> > session as the default shell? How could you deal with multiple logins
at
> > once? What about output from rsync and the like?
>
> What problem are you attempting to solve? Have you looked at the bash
> 'history' command?
We'd like to have an auditable history of what happened on production
servers,
kept for a period of time. (perhaps a week?) It's a very busy production
environment, but the only shell-level access to the systems are
administrative, but having a history of activity as well as the output would
have been highly valuable this morning to verify that a mistake that might
have been made was. (or wasn't!)
I'm familiar with `history`but it has a few problems:
1) You only see the commands entered.
2) You only see the commands in other shells after you log out.
3) You don't see the output from the commands.
4) Histories can be lost altogether if the shell exits abnormally. (EG tcp
timeout)
I was thinking of a shell script something like (PSEUDO code)
#! /bin/sh
LOGFILE=`date --format='Ymd:Hms'`;
script /var/log/histories/root.$LOGFILE
exit $?
And putting it as the shell in /etc/passwd, but this *has* to be the kind of
thing that somebody else has done, right?