Re: adding history logging "automagically" :)

["Joe D" <joe.divola@gmail.com>]

[-- Attachment #1: Type: text/plain, Size: 2432 bytes --]

On 7/9/07, Bart Schaefer <schaefer@brasslantern.com> wrote:
>
> On Jul 9,  1:41pm, Joe D wrote:
> }
> } So in a nutshell, all I want to do is modify 'zsh' source
>
> Ick.  Don't do that.



If there's a way to 'hide' it from the regular users (sure, those more
ambitious will figure it out, but not worried about them), then i'd do it.


>
> I don't think you want SHARE_HISTORY - that means the shells pass the
> current history around among themselves while they are running.  You
> don't really want Alice to see Bob's commands, do you?



Good point.


Also I think APPEND_HISTORY is redundant with INC_APPEND_HISTORY, but
> it probably won't hurt anything.



Okay.



In any case you're going to be defeated here by a zsh security feature
> that prevents the shell from using a history file that is owned and/or
> writable by someone else.  Each shell will try to assume ownership of
> the file and remove group/other write permission, so there will be a
> mad scramble of unlinking/recreating of the file as each shell notices
> that one of the others has tried to grab it.  That's probably why you
> can't find the file even though you can find the lock.



Ah, ok...


The best you might be able to do is
>
> HISTFILE=/opt/some_location/.$USER.log
>
> so that every user has his or her own history file in some_location.
>
> Beyond that, I suggest placing
>
> if [[ $USER = (list|of|problem|users) ]]; then
>   readonly HISTSIZE=1000
>   readonly SAVEHIST=1000
>   readonly HISTFILE=/opt/some_location/.$USER.log
>   setopt APPEND_HISTORY
>   setopt INC_APPEND_HISTORY
>   setopt EXTENDED_HISTORY
> fi
>
> in /etc/zshenv, which is always run (unless the shell was configured
> with --disable-zshenv).  Using EXTENDED_HISTORY will give you time
> stamps on the entries, so you can combine and sort the users' log
> files to determine the order of events.
>
> They could still deliberately mess you up by frobbing those setopts
> later ... so I suppose if you must hack the source, the place to put
> your dosetopt() calls would be in Src/init.c, in loop(), with an
> "if (toplevel)" test protecting them.  But if your users are so badly
> behaved as to ignore your instructions to leave those options alone,
> you have worse problems than just tracking down what happened when.
>


Good suggestions - thanks Bart.  I'll give the /etc/zshenv options a try and
see if that is enough to handle our problem users.

Thanks,
Joe.

[-- Attachment #2: Type: text/html, Size: 3678 bytes --]