From e89b40e9c90e94447ba61e20649e9419744f5501 Mon Sep 17 00:00:00 2001 From: Matt Johnston <matt@ucc.asn.au> Date: Mon, 7 Aug 2006 13:41:16 +0000 Subject: [PATCH] Add (disabled by default) LOG_COMMANDS option to log the commands executed by clients. --HG-- extra : convert_revision : bea3887a5875cf3ab8a1331e15e698b37b61fe37 --- options.h | 6 ++++-- svr-chansession.c | 10 ++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/options.h b/options.h index 0349fa92..30fa637a 100644 --- a/options.h +++ b/options.h @@ -199,8 +199,10 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */ * not using the Dropbear client, you'll need to change it */ #define _PATH_SSH_PROGRAM "/usr/bin/dbclient" -/* Multi-purpose binary configuration has now moved. Look at the top - * of the Makefile for instructions, or INSTALL */ +/* Whether to log commands executed by a client. This only logs the + * (single) command sent to the server, not what a user did in a + * shell/sftp session etc. */ +/* #define LOG_COMMANDS */ /******************************************************************* * You shouldn't edit below here unless you know you need to. diff --git a/svr-chansession.c b/svr-chansession.c index 0916e7e6..612885b2 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -588,6 +588,16 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, } } +#ifdef LOG_COMMANDS + if (chansess->cmd) { + dropbear_log(LOG_INFO, "user %s executing '%s'", + ses.authstate.printableuser, chansess->cmd); + } else { + dropbear_log(LOG_INFO, "user %s executing login shell", + ses.authstate.printableuser); + } +#endif + if (chansess->term == NULL) { /* no pty */ ret = noptycommand(channel, chansess); -- GitLab