Question zsh

Question zsh

[Ono Soul]

	Probably this will be a question more for admin but i wonder if I
can recive some help form you all guys.
	I'm having problems to save the zsh history file in the users
directories the file .zsh_history 
	I wonder if there is posible to save the .zsh_history in their
directories /home/user1/.zsh_history but with no privileges from user1 to
modify it or deleted.
	What I'm trying to do is to have a .zsh_history in users
directories that can save all the history of every single user in the
/home

	Can some one tell me if in the /etc/zshrc is posible to modify it
or do some trick to do this stuff that i'm trying to do.
Thank You

"01100101 01101100 01100101 01100101 01110100  01101011 01101001 01100100"
		       
	              "01101010 00101101 01110101"

Re: Question zsh

[Bart Schaefer]

On Oct 29,  9:52pm, Ono Soul wrote:
} Subject: Question zsh
}
} 	I wonder if there is posible to save the .zsh_history in their
} directories /home/user1/.zsh_history but with no privileges from user1 to
} modify it or deleted.
} 	What I'm trying to do is to have a .zsh_history in users
} directories that can save all the history of every single user in the
} /home

I'm not sure what this means.

Do you mean you want all users to share the SAME history file in
/home/user1/, so they can all see what each of the others did during
previous login sessions?

Or do you mean you want each user to have his own file, but to keep all
those history files in /home/user1/?

Or do you mean you want each user to have a file in his own home directory,
but you want to copy the contents of everybody's history files into one
big file in /home/user1/?

Why would you want to do any of those things?  I can think of some things
you might do in /etc/zlogout, but none of them feel very safe to me, and
in any case you can't prevent a user from doing "kill -9 $$" to blow his
shell away without giving it a chance to write anything anywhere.

-- 
Bart Schaefer                                 Brass Lantern Enterprises
http://www.well.com/user/barts              http://www.brasslantern.com

Re: Question zsh

[TGAPE!]

Jason Price wrote:
> 
>>> I'm not sure what this means.
>> I _think_ he wants each user to have a history file that they can't
>> delete, as a sort of audit trail of their activities.
> 
> IF this is the case, then the shell is the wrong place to be doing this.  I
> know Solaris has the capabilitys to do full process accounting.  That is,
> log detailed info about what processes people run.
> 
> I would be willing to bet that other OS's have this capability.

Linux has this ability by 2.1.125.  User-side support is a little
lacking right now, though.  (Course, not much is needed.  I've only
recently gotten this kernel, and I haven't upgraded enough of my
software I can run it full-time yet.  Because of this, I haven't had
much time to play with it.)

However, it doesn't contain much in the way of command-line flags; I
think I'd like to see the option of having a separate file store command
lines, so that you could have arbitrary-length records which don't slow
down processes which don't care about them.

Ed

Re: Question zsh

[Jason Price]

> > I'm not sure what this means.
> I _think_ he wants each user to have a history file that they can't
> delete, as a sort of audit trail of their activities.

IF this is the case, then the shell is the wrong place to be doing this.  I
know Solaris has the capabilitys to do full process accounting.  That is,
log detailed info about what processes people run.

I would be willing to bet that other OS's have this capability.

Jason

-- 
"Where will I go?"  "Somewhere where they know nothing about computing...
Where they wouldn't know a RAM chip from a potato chip!"
"But I don't want to visit Microsoft!"  --the PFY and the BOFH
Jason Price          jprice@gatech.edu          Theta Xi, Beta Alpha 449

Re: Question zsh

[jr]

> } 	I wonder if there is posible to save the .zsh_history in their
> } directories /home/user1/.zsh_history but with no privileges from user1 to
> } modify it or deleted.
> } 	What I'm trying to do is to have a .zsh_history in users
> } directories that can save all the history of every single user in the
> } /home
> 
> I'm not sure what this means.

I _think_ he wants each user to have a history file that they can't delete, as 
a sort of audit trail of their activities.

Since this file is in their home area, they automatically have rights to 
delete it (since the have rights to the directory it is contained in).  You 
could to set up a directory where they have execute permissions (111) and 
write permission (222) to the log file which would achieve the desired result, 
but they could cp /dev/null to the file to blank it.

You could hide the location, but a strings or truss could find the filename 
location; making the zsh executable suid and immediately suid back to real 
user ID would prevent truss, while making the permissions 111 would prevent 
strings from working.

The other option is to fork an suid process to do the logging, but this 
obviously has it's own set of security problems _or_ you could set up a daemon 
to do the logging (through loopback interface using sockets?).  Both methods 
would require substantial rewriting of the code.

-- 
John Riddoch	Email: jr@scms.rgu.ac.uk	Telephone: (01224)262730
Room C4, School of Computer and Mathematical Science
Robert Gordon University, Aberdeen, AB25 1HG
"Just once, I wish we would encounter an alien menace that wasn't
 immune to bullets" -- The Brigader, "Dr. Who"