Makefile.in | 4 config-bot.h | 5 config.h.in | 5 configure |22851 ++++++++++++++++++++++++++++++++----------------------- configure.in | 12 debian/README | 2 debian/changelog | 10 debian/control | 7 debian/rules | 1 doc/bash.1 | 17 eval.c | 55 externs.h | 4 flags.c | 6 flags.h | 4 parse.y | 2 shell.c | 30 16 files changed, 13510 insertions(+), 9505 deletions(-)
New commits: commit 4bff79ebc8372329f8c1dd4f97a5b9a8d5c06eb6 Author: Stephen Hemminger <[email protected]> Date: Wed Apr 7 11:01:05 2010 -0700 3.1dfsg-8-vyatta-17 commit 5390d9b8f5f60c0024c974cd6002369ee12f7ee1 Author: Stephen Hemminger <[email protected]> Date: Wed Apr 7 10:56:15 2010 -0700 Rerun autoreconf to regenerate configure Need to pick up new audit option. commit 1323b605306ba2ec9fd883dd8b1299fe9184bf8c Author: Stephen Hemminger <[email protected]> Date: Wed Apr 7 08:29:56 2010 -0700 Package now depends on audit library commit ddcfa45b9c1b3c653f0f1b4bd0b997266f5bb5aa Author: Stephen Hemminger <[email protected]> Date: Tue Apr 6 09:19:49 2010 -0700 Turn on auditing for Vyatta bash The original patch turned on auditing iff shell was named aubash and user was root. We change that to be always on if shell if vbash. commit d80c542a77015bdc882ff3434c9eeb1a660ecdfb Author: Stephen Hemminger <[email protected]> Date: Mon Apr 5 09:52:45 2010 -0700 Fix spelling error warning commit c6a8e270ab694c2291216b8c554c2f5f9dcf0fd0 Author: Stephen Hemminger <[email protected]> Date: Mon Apr 5 09:48:26 2010 -0700 Add auditing support to bash This is based on earlier (unaccepted) patch to add auditing support which wasd done by Steve Grubb at Redhat. This patch depends on audit 1.4 to provide a logging function. The resulting audit message looks like this: time->Tue Jan 30 18:23:45 2007 type=USER_CMD msg=audit(1170199425.793:143): user pid=22862 uid=0 auid=0 subj=system_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='cwd=2F726F6F742F7465737420646972 cmd=6C73202D6C (terminal=tty1 res=success)' Which translates to: type=USER_CMD msg=audit(01/30/2007 18:23:45.793:143) : user pid=22862 uid=root auid=root subj=system_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='cwd=/root/test dir cmd=ls -l (terminal=tty1 res=success)' This patch causes bash to log all command line arguments when the shell is started as aubash or "bash --audit". The preferred methos is to make a symlink frp, bash to aubash and then add aubash to /etc/shells. Then you can change root's shell to aubash. http://suva.vyatta.com/git/?p=vyatta-bash.git;a=commitdiff;h=4bff79ebc8372329f8c1dd4f97a5b9a8d5c06eb6 http://suva.vyatta.com/git/?p=vyatta-bash.git;a=commitdiff;h=5390d9b8f5f60c0024c974cd6002369ee12f7ee1 http://suva.vyatta.com/git/?p=vyatta-bash.git;a=commitdiff;h=1323b605306ba2ec9fd883dd8b1299fe9184bf8c http://suva.vyatta.com/git/?p=vyatta-bash.git;a=commitdiff;h=ddcfa45b9c1b3c653f0f1b4bd0b997266f5bb5aa http://suva.vyatta.com/git/?p=vyatta-bash.git;a=commitdiff;h=d80c542a77015bdc882ff3434c9eeb1a660ecdfb http://suva.vyatta.com/git/?p=vyatta-bash.git;a=commitdiff;h=c6a8e270ab694c2291216b8c554c2f5f9dcf0fd0 _______________________________________________ svn mailing list [email protected] http://mailman.vyatta.com/mailman/listinfo/svn
