So at work we wanted to create a centralized syslog server. I had a great idea: why don't we log all user commands run on all servers into mysql? I knew about the bash-paranoia patch, so that gave me the idea of using it as the basis for my mysql patch. This should apply to both 3.0 and 3.1 even with all the latest security patches included.
So first let's download the paranoia patch
wget http://e133.enemy.cx/xSH-paranoia/download/bash-paranoia.patch
Applying that patch and compiling bash with --enable-paranoia will allow you to log all user commands to syslog.
Now let's download my patch
wget http://zcentric.com/bash-mysql.patch
Now if you want to apply it to bash 3.1 I will give a little howto on how to do that. All in 1 step
You want to create the following table in a mysql database
CREATE TABLE `logs` (
`rowid` mediumint(8) NOT NULL auto_increment,
`host` varchar(100) character set utf8 collate utf8_unicode_ci NOT NULL default '',
`user` varchar(100) character set utf8 collate utf8_unicode_ci NOT NULL default '',
`as_user` varchar(100) character set utf8 collate utf8_unicode_ci NOT NULL default '',
`ip` varchar(100) character set utf8 collate utf8_unicode_ci NOT NULL default '',
`ut_line` varchar(100) character set utf8 collate utf8_unicode_ci NOT NULL default '',
`command` text character set utf8 collate utf8_unicode_ci NOT NULL,
`ts` timestamp NOT NULL default CURRENT_TIMESTAMP,
PRIMARY KEY (`rowid`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
Now that the mysql table is made, let's install bash and patch it and all that good stuff
wget http://ftp.gnu.org/gnu/bash/bash-3.1.tar.gz
tar zxfv bash-3.1.tar.gz
cd bash-3.1
wget http://e133.enemy.cx/xSH-paranoia/download/bash-paranoia.patch
wget http://zcentric.com/bash-mysql.patch
patch -p0 < bash-paranoia.patch
patch -p1 < bash-mysql.patch
autoconf
./configure --enable-paranoia --prefix=/usr
make
Now for the config file that lets bash know where the mysql server is. If the mysql server is down, bash shouldn't crash or anything.
So you have to create a file /etc/bash.conf and use the following lines.
SERVER=192.168.0.10
USER=username
PASS=password
DB=dbName
Now you should be able to run /path/to/bash-3.1/bash and it should bring you to a new shell that is the bash version with mysql. You should now be able to type commands and they will be logged to mysql!
You can then run make install if you wish to install.
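Because bash runs with the invoking user's privileges, /etc/bash.conf has to be readable by every user whose commands are logged, so the MySQL account named in it should be able to do nothing except insert rows. The following is an added example (not from the original post or the patch) of such an account plus two review queries. It assumes the patched bash only issues INSERT statements, that `user` holds the login name and `as_user` the account the command ran as, and it uses a constructed client subnet and a hypothetical `auditor` account.

```sql
-- Added example, not part of the original post or patch.
-- 'username', 'password' and dbName are the placeholders from /etc/bash.conf.
-- '192.168.0.%' is a constructed client subnet; adjust to your hosts.

CREATE USER 'username'@'192.168.0.%' IDENTIFIED BY 'password';

-- INSERT only (assumption: the patch never reads the table back).
-- Anyone who reads /etc/bash.conf can append rows, including forged ones,
-- but cannot read, change or delete what is already logged.
GRANT INSERT ON dbName.logs TO 'username'@'192.168.0.%';

-- Separate read-only account for reviewing the log.
-- 'auditor' is a hypothetical name; its password never goes in /etc/bash.conf.
CREATE USER 'auditor'@'localhost' IDENTIFIED BY 'change-me';
GRANT SELECT ON dbName.logs TO 'auditor'@'localhost';

-- Review query 1: commands run as root by a different login user.
-- Assumes `user` is the login name and `as_user` the effective account.
SELECT ts, host, `user`, as_user, ip, ut_line, command
FROM dbName.logs
WHERE as_user = 'root'
  AND `user` <> 'root'
ORDER BY ts DESC
LIMIT 100;

-- Review query 2: hosts that have logged nothing for a day.
-- The post notes bash keeps working when MySQL is unreachable, so a
-- logging gap is silent on the host and only visible from the database side.
SELECT host, MAX(ts) AS last_seen
FROM dbName.logs
GROUP BY host
HAVING MAX(ts) < NOW() - INTERVAL 1 DAY
ORDER BY last_seen;
```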
Comments (2)
Very sexy little mod, I'm going to give this a go. Might even suggest it for work :D
Posted by Mark | March 1, 2007 5:54 PM
Suh-weet. I likey!
Posted by thalios73 | March 1, 2007 6:25 PM