Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

Patch for logging ttyname

Help
2010-09-24
2013-05-23
  • Hello all,
    Thank you for this great piece software. In my case, I'd like to see the tty names of the executed commands. So I have prepared a patch to log the tty name. This is useful when you have users using su - or sudo su -
    Anyway I'm pasting it below:
    diff -Naur snoopy-1.7.1.org/snoopy.c snoopy-1.7.1/snoopy.c
    -- snoopy-1.7.1.org/snoopy.c 2010-08-05 02:03:05.000000000 +0300
    +++ snoopy-1.7.1/snoopy.c 2010-09-23 18:10:13.000000000 +0300
    @@ -50,6 +50,7 @@
    int     i               = 0;
    int     argc            = 0;
    size_t  argLength       = 0;
    + char *ttypath = NULL;

    @@ -62,6 +63,13 @@
    // Count number of arguments
    for (argc=0 ; *(argv+argc) != '\0' ; argc++);

    + // Get ttyname
    + ttypath = ttyname(0);
    + if (ttypath == NULL) {
    + ttypath = malloc(sizeof(int)*10);
    + ttypath = "Undefined\0";
    + }
    +

    // Allocate memory for logString
    logStringLength = 0;
    @@ -84,13 +92,15 @@
    openlog("snoopy", LOG_PID, LOG_AUTHPRIV);
    #if defined(SNOOPY_CWD_LOGGING)
    getCwdRet = getcwd(cwd, PATH_MAX+1);
    - syslog(LOG_INFO, ": %s", getuid(), getsid(0), cwd, filename, logString);
    + syslog(LOG_INFO, ": %s", getuid(), getsid(0), cwd, filename, ttypath, logString);
    #else
    - syslog(LOG_INFO, ": %s", getuid(), getsid(0), filename, logString);
    + syslog(LOG_INFO, ": %s", getuid(), getsid(0), filename, ttypath, logString);
    #endif

    // Free the logString memory
    free(logString);
    +
    + free(ttypath);
    }

     
  • Added to 1.7.2 release, very useful, thanks.

    Next time, please provile link to a patch, if I copy/paste it from here it puts everything in a single line.

    PS: I forgot to put your name in ChangeLog, fixed in git. will be added in next release. Thanks again for suggestion and patch.

     
  • hi
    I've spotted serious errors on my patch. Core dumps will happen for sure. Anyway I've fixed it but I can't upload anywhere from the office. I'll try to upload it to my server tonight. Sorry about that.
    I've also made a modification in the Makefile.in for the lib64 installation for 64-bit systems and destdir support for rpms. I'll upload a spec file for suse systems (I don't have a redhat system to test). It would be great if you review them.
    Blessings

     
  • Hi Aldemira.

    Patch for tty logging has already been incorporated in release 1.7.2.
    Release 1.7.5 includes other 2 patches, (a bit modified variations). Thanks for your submission!

     
  • 1.7.6 is final.

    1.7.5 was buggy and it installed library into /lib every time. Did you check you patch?
    Anyway, fixed now.

     
  • Didn't realize the version upgrade. I will check for the versions next time. Thanks!