From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Mar 22 13:20:01 2011 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9F02E1065672 for ; Tue, 22 Mar 2011 13:20:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 58B648FC1D for ; Tue, 22 Mar 2011 13:20:01 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p2MDK16o065769 for ; Tue, 22 Mar 2011 13:20:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p2MDK1Ck065768; Tue, 22 Mar 2011 13:20:01 GMT (envelope-from gnats) Resent-Date: Tue, 22 Mar 2011 13:20:01 GMT Resent-Message-Id: <201103221320.p2MDK1Ck065768@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Alexander Kriventsov Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7A51A106566C for ; Tue, 22 Mar 2011 13:09:57 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id 5E8AE8FC1C for ; Tue, 22 Mar 2011 13:09:57 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.4/8.14.4) with ESMTP id p2MD9vL5077169 for ; Tue, 22 Mar 2011 13:09:57 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.4/8.14.4/Submit) id p2MD9vln077168; Tue, 22 Mar 2011 13:09:57 GMT (envelope-from nobody) Message-Id: <201103221309.p2MD9vln077168@red.freebsd.org> Date: Tue, 22 Mar 2011 13:09:57 GMT From: Alexander Kriventsov To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/155782: [PATCH] shells/bash3: Add logging user history to syslog X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Mar 2011 13:20:01 -0000 >Number: 155782 >Category: ports >Synopsis: [PATCH] shells/bash3: Add logging user history to syslog >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Tue Mar 22 13:20:00 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Alexander Kriventsov >Release: 8.1-RELEASE >Organization: Hosting Community >Environment: FreeBSD localhost 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Aug 2 02:56:18 UTC 2010 root@localhost:/usr/obj/usr/src/sys/GENERIC amd64 >Description: Add logging user history to syslog >How-To-Repeat: >Fix: Patch attached with submission follows: --- shells/bash3/Makefile 2011-03-22 11:45:31.000000000 +0000 +++ shells/bash3/Makefile.orig 2011-03-22 11:42:03.000000000 +0000 @@ -9,7 +9,6 @@ PORTNAME= bash PATCHLEVEL= 51 PORTVERSION= 3.2.${PATCHLEVEL:S/^0//g} -PORTREVISION= 1 CATEGORIES= shells MASTER_SITES= ${MASTER_SITE_GNU:S/$/:bash/} \ ftp://ftp.cwru.edu/pub/%SUBDIR%/:faq @@ -42,10 +41,6 @@ EXTRA_PATCHES+= ${PATCHDIR}/xpatch-colonbreakswords .endif -.if defined(WITH_BASH_SYSLOG) -EXTRA_PATCHES+= ${PATCHDIR}/xpatch-bash-3.1-bash-logger -.endif - MAN1= bash.1 bashbug.1 INFO= bash --- shells/bash3/files/xpatch-bash-3.1-bash-logger 2011-03-22 11:45:44.000000000 +0000 +++ shells/bash3/files/xpatch-bash-3.1-bash-logger 2011-03-22 11:42:49.000000000 +0000 @@ -0,0 +1,89 @@ +Add support for logging bash commands via syslog(). +Useful for deploying in honeypot environments. + +http://bugs.gentoo.org/91327 +http://www.nardware.co.uk/Security/html/bashlogger.htm + +--- bashhist.c ++++ bashhist.c +@@ -705,7 +705,7 @@ + { + hist_last_line_added = 1; + hist_last_line_pushed = 0; +- add_history (line); ++ add_history (line, 1); + history_lines_this_session++; + } + +--- lib/readline/histexpand.c ++++ lib/readline/histexpand.c +@@ -1222,9 +1222,7 @@ + + if (only_printing) + { +-#if 0 +- add_history (result); +-#endif ++ add_history (result, 1); + return (2); + } + +--- lib/readline/histfile.c ++++ lib/readline/histfile.c +@@ -262,7 +262,7 @@ + { + if (HIST_TIMESTAMP_START(line_start) == 0) + { +- add_history (line_start); ++ add_history (line_start, 0); + if (last_ts) + { + add_history_time (last_ts); +--- lib/readline/history.c ++++ lib/readline/history.c +@@ -31,6 +31,8 @@ + + #include + ++#include ++ + #if defined (HAVE_STDLIB_H) + # include + #else +@@ -246,10 +250,23 @@ + /* Place STRING at the end of the history list. The data field + is set to NULL. */ + void +-add_history (string) +- const char *string; ++add_history (string, logme) ++ const char *string; ++ int logme; /* 0 means no sending history to syslog */ + { + HIST_ENTRY *temp; ++ if (logme) { ++ char trunc[600]; /* arbitrary max size of 600 bytes */ ++ if (strlen(string) < sizeof(trunc)) { ++ syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s", ++ getpid(), getuid(), string); ++ } else { ++ memcpy(trunc, string, sizeof(trunc)); ++ trunc[sizeof(trunc) - 1] = '\0'; ++ syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s(++TRUNC)", ++ getpid(), getuid(), trunc); ++ } ++ } + + if (history_stifled && (history_length == history_max_entries)) + { +--- lib/readline/history.h ++++ lib/readline/history.h +@@ -80,7 +80,7 @@ + + /* Place STRING at the end of the history list. + The associated data field (if any) is set to NULL. */ +-extern void add_history PARAMS((const char *)); ++extern void add_history PARAMS((const char *, int )); + + /* Change the timestamp associated with the most recent history entry to + STRING. */ >Release-Note: >Audit-Trail: >Unformatted: