root shell auditing and syslog entry for all commands of shell

2009-10-08

There is often a need to log all the commands and output of a shell to a file or to syslog. Sometimes I need that for a particular user too. The script command can be used to do this, but sometimes you cannot tell the user that the session is logged or ask the user to run the command, and the logging should happen automatically. Sometimes there is also a need to put the output in syslog, so that the root user has more control and the syslog mail is enough to analyze, rather than looking through other files. Finally I found this:

Rootsh is a wrapper for shells which logs all echoed keystrokes and terminal output to a file and/or to syslog. Its main purpose is the auditing of users who need a shell with root privileges. They start rootsh through the sudo mechanism.

This package is in the Fedora repos, so all you need to do to install it is:

yum install rootsh

When you try to run it you might get an error like this:

/var/log/rootsh/amitag.20081215084812.04771: No such file or directory

One quick way to fix this is to run with the "-d" option.

This problem mainly comes up because rootsh is mainly designed to be used with sudo. So the choice of how to use it is left to you, but it is indeed a great tool for auditing.
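For reviewing what rootsh has written, here is an added example (not from the original post or the rootsh project) that lists the session logs in a directory as user, start time and PID, and reports a missing directory the way the error above does. It assumes log names follow `<user>.<YYYYmmddHHMMSS>.<pid>`, inferred from the single path in that error message; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: inventory rootsh session logs for an audit review.
# Assumption: names look like <user>.<YYYYmmddHHMMSS>.<pid>, inferred from
# the path in the error message above. Function names are hypothetical.

parse_rootsh_name() {
    # $1 = log file name, with or without its directory
    name=${1##*/}
    # Assumption: a finished session log may carry a ".closed" suffix.
    name=${name%.closed}
    pid=${name##*.}
    rest=${name%.*}
    stamp=${rest##*.}
    user=${rest%.*}
    # PID and timestamp must be purely numeric; timestamp is 14 digits.
    case "$pid" in *[!0-9]*|'') return 1 ;; esac
    case "$stamp" in *[!0-9]*|'') return 1 ;; esac
    [ "${#stamp}" -eq 14 ] || return 1
    # A user part must remain in front of the timestamp.
    if [ -z "$user" ] || [ "$user" = "$rest" ]; then
        return 1
    fi
    when=$(printf '%s\n' "$stamp" |
        sed 's/^\(....\)\(..\)\(..\)\(..\)\(..\)\(..\)$/\1-\2-\3 \4:\5:\6/')
    printf '%s %s %s\n' "$user" "$when" "$pid"
}

list_rootsh_sessions() {
    # $1 = rootsh log directory, e.g. /var/log/rootsh
    dir=$1
    if [ ! -d "$dir" ]; then
        # Same condition that makes rootsh fail with "No such file or directory".
        echo "log directory missing: $dir" >&2
        return 2
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # Files that do not match the pattern are worth a look in an audit directory.
        parse_rootsh_name "$f" || echo "unexpected file: $f" >&2
    done
}

# Usage: list_rootsh_sessions /var/log/rootsh
```
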


Authored By Amit Agarwal

Amit Agarwal, Linux and Photography are my hobbies. Creative Commons Attribution 4.0 International License.
