Using sudo to track root transactions
Ron Woerner
ron_woerner at csgsystems.com
Tue Feb 22 13:51:58 EST 2000
Joe,
Here is a korn-shell script we created that forces all commands to use sudo.
It doesn't work for pipes "|" and it's just a "quick and dirty", but it works.
(It's been tested on Solaris and AIX).
If you wanted all commands for a user to be run as root using sudo, you could
put this in their .kshrc startup file. I wouldn't recommend it though. If a
user
needs to run as root for a while, have them run this script. When they are
done,
they can exit back to their own account.
Just be carefull because using sudo for all commands could fill-up the log
file fast.
#!/bin/ksh
#
# This script will always run sudo.
# You can either run it seperately (recommended) or
# if you *always* want to run as root, put it in .kshrc
#
# Thanks to Jay
while doitforever=0
do
echo "Root prompt#>\c"
read in
if [ -n "$in" ]; then
if [ "$in" != "exit" ]; then
sudo $in
else
exit 0
fi
fi
done
Joe DeBattista wrote:
> Greetings,
> I've just recently discovered sudo, and I'm interested in using it for
> change management tasks. I'm using version 1.6.2p1 on a few AIX boxes.
> What I'd like to do is be able to have every command issued as root to be
> logged in the sudo log, but I don't want the administrators to have to
> put the word sudo in front of everything. Does anyone have the alias
> command to say "put the word sudo in front of any shell command"? We
> mainly use csh, bsh and ksh. Any help or suggestions will be appreciated.
>
>
>
> Joe DeBattista
> UCSF, ITS
> INTERNET: joed at itsa.ucsf.edu
More information about the sudo-users
mailing list