Rootsh is a wrapper for shells that logs all echoed keystrokes and terminal output to a file and/or to syslog. Its main purpose is the surveillance of users who need root privileges. They start rootsh through the sudo mechanism.
Sometimes users have to perform tasks on a system which are too complex to be wrote in sudo commands.Sometimes there is management pressure to give a user a root shell. Sometimes you're just tired arguing with users who insist in having root privileges.
With rootsh you can give your users access to a root shell while auditing their actions.
rootsh works very much like the script utility. It forks and creates a master/slave pseudo terminal pair. The slave pseudo terminal will become the controlling terminal of the child process which will execute a shell command. The parent process waits for input from the
user's terminal and sends it down the master pty. Every output including the echoed input will be written to a logfile and to the syslog daemon.
What's New in This Release:
· initial release 0.1
· since then
· added version() and usage() to rootsh
· modified pty module handling for AIX
· switched setupshell and beginlogging
· posix sigaction is now the preferred signal handling
· configure.in tests for sys/select.h