编译bash实现history的syslog日志记录

前端之家收集整理的这篇文章主要介绍了编译bash实现history的syslog日志记录前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

一、下载bash源码包

[root@repoother_x86_64]#http://vault.centos.org/6.9/os/Source/SPackages/bash-4.1.2-48.el6.src.rpm

二、安装源码包

[root@repoother_x86_64]#rpm-ivhbash-4.1.2-48.el6.src.rpm#警告可以忽略
1:bashwarning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
###########################################[100%]
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroot
warning:usermockbuilddoesnotexist-usingroot
warning:groupmockbuilddoesnotexist-usingroo

spacer.gif

wKioL1l21myi-066AAD32PdoAR4430.png

[root@repo~]#ll
total7208056
-rw-------.1rootroot1891Jul72016anaconda-ks.cfg
-rw-r--r--1rootroot6686039Jul112016bash-4.1.2-40.el6.src.rpm
-rw-r--r--.1rootroot41443Jul72016install.log
-rw-r--r--.1rootroot7572Jul72016install.log.syslog
drwxr-xr-x8rootroot4096Jul112016rpmbuild
[root@repo~]#cdrpmbuild/
[root@reporpmbuild]#ll
total24
drwxr-xr-x3rootroot4096Jul112016BUILD
drwxr-xr-x2rootroot4096Jul112016BUILDROOT
drwxr-xr-x3rootroot4096Jul112016RPMS
drwxr-xr-x4rootroot4096Jul2510:47SOURCES
drwxr-xr-x2rootroot4096Jul2510:47SPECS
drwxr-xr-x2rootroot4096Jul112016SRPMS

wKioL1l21vLjBu5eAAAlonWNr2s356.png

三、重新编译

[root@reporpmbuild]#cdSOURCES/
[root@repoSOURCES]#tarxfbash-4.1.tar.gz
[root@repoSOURCES]#cp-abash-4.1bash-4.1-orig
[root@repoSOURCES]#cdbash-4.1
[root@repobash-4.1]#vimconfig-top.h+104
/*#defineSYSLOG_HISTORY*/
#ifdefined(SYSLOG_HISTORY)
#defineSYSLOG_FACILITYLOG_USER
#defineSYSLOG_LEVELLOG_INFO
#endif

wKioL1l22AzR7CcBAAATFhAmnSQ905.png

修改

#defineSYSLOG_HISTORY
#ifdefined(SYSLOG_HISTORY)
#defineSYSLOG_FACILITYLOG_LOCAL1
#defineSYSLOG_LEVELLOG_DEBUG
#endif

wKioL1l22FiiO6f7AAASF5KO9Fg645.png

[root@repobash-4.1]#vimbashhist.c+701
void
bash_syslog_history(line)
constchar*line;
{
chartrunc[SYSLOG_MAXLEN];
if(strlen(line)<SYSLOG_MAXLEN)
syslog(SYSLOG_FACILITY|SYSLOG_LEVEL,"HISTORY:PID=%dUID=%d%s",getpid(),current_user.uid,line);
else
{
strncpy(trunc,line,SYSLOG_MAXLEN);
trunc[SYSLOG_MAXLEN-1]='\0';
syslog(SYSLOG_FACILITY|SYSLOG_LEVEL,"HISTORY(TRUNCATED):PID=%dUID=%d%s",trunc);
}
}

wKiom1l22KSBF8hpAAA5c35bMcA415.png

修改

void
bash_syslog_history(line)
constchar*line;
{
chartrunc[SYSLOG_MAXLEN];
if(strlen(line)<SYSLOG_MAXLEN)
syslog(SYSLOG_FACILITY|SYSLOG_LEVEL,"HISTORY:PPID=%dPID=%dSID=%dUID=%dUser=%s%s",getppid(),getsid(getpid()),current_user.user_name,"HISTORY(TRUNCATED):PPID=%dPID=%dSID=%dUID=%dUser=%s%s",trunc);
}
}
#endif

wKioL1l22O7DLKDuAABB6WxDJFw436.png

[root@repobash-4.1]#cd..
[root@repoSOURCES]#diff-Nprubash-4.1-origbash-4.1>bash_history_syslog.patch
[root@repoSOURCES]#ls
bash-2.02-security.patchbash-4.1-bind_int_variable.patchbash-4.1-origbash-4.3-fix-terminate_immediately.patch
bash-2.03-paths.patchbash-4.1-brace-expansion.patchbash-4.1-posix-block-size-for-cf-options.patchbash-4.3-read-sigterm.patch
bash-2.03-profile.patchbash-4.1-broken_pipe.patchbash-4.1-sighup-deadlock.patchbash-4.4-param-expansion.patch
bash-2.05a-interpreter.patchbash-4.1-defer-sigchld-trap.patchbash-4.1-signal.patchbash-bashbug.patch
bash-2.05b-debuginfo.patchbash-4.1-enable-hyphened-fn-export.patchbash-4.1-signal-sarestart.patchbash-cve-2016-9401.patch
bash-2.05b-manso.patchbash-4.1-env-inject.patchbash-4.1.tar.gzbash_history_syslog.patch
bash-2.05b-pgrp_sync.patchbash-4.1-examples.patchbash-4.1-trap.patchbash-infotags.patch
bash-2.05b-readline-oom.patchbash-4.1-extglob-man.patchbash-4.2-1207042-double-alloc.patchbash-requires.patch
bash-2.05b-xcc.patchbash-4.1-fd-leaks.patchbash-4.2-1240994-case-in-command-subst.patchbash-setlocale.patch
bash-3.2-audit.patchbash-4.1-here-strings.patchbash-4.2-1250070-ifs-in-temp-env.patchbash-sighup.patch
bash-3.2-ssh_source_bash.patchbash-4.1-history-hang.patchbash-4.2-1260568-bash-debugger.patchbash-tty-tests.patch
bash-4.0-nobits.patchbash-4.1-logout.patchbash-4.2-cve-2014-7169-0.patchdot-bash_logout
bash-4.1bash-4.1-loop-bracket-comsub.patchbash-4.2-cve-2014-7169-1.patchdot-bash_profile
bash41-001bash-4.1-manpage.patchbash-4.2-cve-2014-7169-2.patchdot-bashrc
bash41-002bash-4.1-manpage_trap.patchbash-4.2-param-subst-mem-leak.patch
bash41-016bash-4.1-mem-leaks.patchbash-4.3-cve-2016-0634.patch
bash41-017bash-4.1-noecho.patchbash-4.3-cve-2016-7543.patch
[root@repoSOURCES]#cd..
[root@reporpmbuild]#cdSPECS/
[root@repoSPECS]#ls
bash.spec
[root@repoSPECS]#vimbash.spec
#Otherpatches
Patch101:bash-2.02-security.patch
Patch102:bash-2.03-paths.patch
Patch103:bash-2.03-profile.patch
Patch104:bash-2.05a-interpreter.patch
Patch105:bash-2.05b-debuginfo.patch
Patch106:bash-2.05b-manso.patch
Patch107:bash-2.05b-pgrp_sync.patch
Patch108:bash-2.05b-readline-oom.patch
Patch109:bash-2.05b-xcc.patch
Patch110:bash-3.2-audit.patch
Patch112:bash-3.2-ssh_source_bash.patch
Patch113:bash-bashbug.patch
Patch115:bash-infotags.patch
Patch116:bash-requires.patch
Patch117:bash-setlocale.patch
Patch118:bash-tty-tests.patch
Patch119:bash_history_syslog.patch#增加内容
......
#Otherpatches
%patch101-p1-b.security
%patch102-p1-b.paths
%patch103-p1-b.profile
%patch104-p1-b.interpreter
%patch105-p1-b.debuginfo
%patch106-p1-b.manso
%patch107-p1-b.pgrp_sync
%patch108-p1-b.readline_oom
%patch109-p1-b.xcc
%patch110-p1-b.audit
%patch112-p1-b.ssh_source_bash
%patch113-p1-b.bashbug
%patch115-p1-b.infotags
%patch116-p1-b.requires
%patch117-p1-b.setlocale
%patch118-p1-b.tty_tests
%patch119-p1-b.history_syslog#增加内容
%patch123-p1-b.nobits
%patch124-p1-b.examples
%patch125-p1-b.bind_int_variable
%patch126-p1-b.broken_pipe
%patch127-p1-b.manpage
%patch128-p1-b.defer-sigchld-trap

@L_502_6@

wKioL1l22kmw9zltAABe-F9bAvc799.png

[root@repo~]#yuminstalltexinfo#在另一窗口安装
[root@repoSPECS]#rpmbuild-babash.spec
+exit0
Processingfiles:bash-4.1.2-48.el6.x86_64
Provides:config(bash)=4.1.2-48.el6
Requires(interp):/bin/sh
Requires(rpmlib):rpmlib(BuiltinLuaScripts)<=4.2.2-1rpmlib(CompressedFileNames)<=3.0.4-1rpmlib(FileDigests)<=4.6.0-1rpmlib(PayloadFilesHavePrefix)<=4.0-1
Requires(post):ncurses-libs
Requires(postun):/bin/sh
Requires:/bin/shlibc.so.6()(64bit)libc.so.6(GLIBC_2.11)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libdl.so.2(GLIBC_2.2.5)(64bit)libtinfo.so.5()(64bit)rtld(GNU_HASH)
Processingfiles:bash-doc-4.1.2-48.el6.x86_64
Requires(rpmlib):rpmlib(CompressedFileNames)<=3.0.4-1rpmlib(FileDigests)<=4.6.0-1rpmlib(PayloadFilesHavePrefix)<=4.0-1
Requires:/bin/bash/bin/sh
Processingfiles:bash-debuginfo-4.1.2-48.el6.x86_64
Checkingforunpackagedfile(s):/usr/lib/rpm/check-files/root/rpmbuild/BUILDROOT/bash-4.1.2-48.el6.x86_64
Wrote:/root/rpmbuild/SRPMS/bash-4.1.2-48.el6.src.rpm
Wrote:/root/rpmbuild/RPMS/x86_64/bash-4.1.2-48.el6.x86_64.rpm
Wrote:/root/rpmbuild/RPMS/x86_64/bash-doc-4.1.2-48.el6.x86_64.rpm
Wrote:/root/rpmbuild/RPMS/x86_64/bash-debuginfo-4.1.2-48.el6.x86_64.rpm
Executing(%clean):/bin/sh-e/var/tmp/rpm-tmp.0zbnT0
+umask022
+cd/root/rpmbuild/BUILD
+cdbash-4.1
+rm-rf/root/rpmbuild/BUILDROOT/bash-4.1.2-48.el6.x86_64
+exit0

wKiom1l22qWDCVWAAACP_ulqumo738.png

四、重新安装bash

[root@reporpmbuild]#cdRPMS
[root@repoRPMS]#ll
total4
drwxr--r--2rootroot4096Jul2513:08x86_64
[root@repoRPMS]#cdx86_64/
[root@repox86_64]#ll
total5128
-rw-r--r--1rootroot931232Jul2513:08bash-4.1.2-48.el6.x86_64.rpm
-rw-r--r--1rootroot1374956Jul2513:08bash-debuginfo-4.1.2-48.el6.x86_64.rpm
-rw-r--r--1rootroot2939332Jul2513:08bash-doc-4.1.2-48.el6.x86_64.rpm
[root@repox86_64]#rpm-Uvh--forcebash-4.1.2-48.el6.x86_64.rpm
Preparing...###########################################[100%]
1:bash###########################################[100%]

wKioL1l22yrQqRbDAAAz5-Lcwig207.png

wKiom1l22yuw9jiAAAAPwjEIXkU007.png


五、配置rsyslog日志服务

[root@repox86_64]#cat/etc/rsyslog.conf
local1.debug/var/log/bash_history.log

wKioL1l228WCYUPLAAAF520Llj8186.png

[root@repox86_64]#tail-f/var/log/bash_history.log
Jul2513:10:28repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=rootcdx86_64/
Jul2513:10:30repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=rootll
Jul2513:12:57repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=rootbash--version
Jul2513:13:46repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=rootrpm-Uvh--forcebash-4.1.2-48.el6.x86_64.rpm
Jul2513:13:49repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=rootll
Jul2513:15:04repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=rootcpbash-4.1.2-48.el6.x86_64.rpm/var/repo/other_x86_64/
Jul2513:15:17repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=rootcat/etc/rsyslog.conf
Jul2513:15:33repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=rootll/var/log/bash_history.log
Jul2513:15:48repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=rootmore/var/log/bash_history.log
Jul2513:16:19repo-bash:HISTORY:PPID=29829PID=29831SID=29831UID=0User=roottail-f/var/log/bash_history.log
Jul2513:16:30repo-bash:HISTORY:PPID=5208PID=5210SID=5210UID=0User=rootll

wKiom1l23APTuqJsAABuK8qT88k814.png

原文链接:https://www.f2er.com/bash/391852.html

猜你在找的Bash相关文章