From toni@shaolin.selfdestruct.net  Wed Nov 10 13:05:26 2004
Return-Path: <toni@shaolin.selfdestruct.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 8596616A4CE; Wed, 10 Nov 2004 13:05:26 +0000 (GMT)
Received: from shaolin.selfdestruct.net (shaolin.selfdestruct.net [193.65.195.200])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 21B3F43D4C; Wed, 10 Nov 2004 13:05:26 +0000 (GMT)
	(envelope-from toni@shaolin.selfdestruct.net)
Received: by shaolin.selfdestruct.net (Postfix, from userid 1000)
	id 419CFB24D0; Wed, 10 Nov 2004 15:05:24 +0200 (EET)
Message-Id: <20041110130524.419CFB24D0@shaolin.selfdestruct.net>
Date: Wed, 10 Nov 2004 15:05:24 +0200 (EET)
From: Toni Viemero <toni.viemero@iki.fi>
To: FreeBSD-gnats-submit@freebsd.org
Cc: eik@FreeBSD.org
Subject: [PATCH] shells/bash: Add WITH_SYSLOG knob
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         73773
>Category:       ports
>Synopsis:       [PATCH] shells/bash: Add WITH_SYSLOG knob
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    eik
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Nov 10 13:10:19 GMT 2004
>Closed-Date:    Mon Jun 06 00:10:32 GMT 2005
>Last-Modified:  Mon Jun 06 00:10:32 GMT 2005
>Originator:     Toni Viemero
>Release:        FreeBSD 5.3-RELEASE i386
>Organization:
>Environment:
System: FreeBSD shaolin.selfdestruct.net 5.3-RELEASE FreeBSD 5.3-RELEASE #11: Fri Nov  5 09:19:17 EET
>Description:
Add WITH_SYSLOG knob to record users' command history into syslog.

Port maintainer (eik@FreeBSD.org) is cc'd.

Generated with FreeBSD Port Tools 0.63
>How-To-Repeat:
>Fix:

--- bash-3.0.15.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/shells/bash/Makefile /home/toni/ports/bash/Makefile
--- /usr/ports/shells/bash/Makefile	Tue Nov  2 14:26:50 2004
+++ /home/toni/ports/bash/Makefile	Wed Nov 10 15:00:02 2004
@@ -18,7 +18,8 @@
 DIST_SUBDIR=		${PORTNAME}
 EXTRACT_ONLY=		${DISTNAME}${EXTRACT_SUFX}
 
-PATCH_SITES=		ftp://ftp.cwru.edu/pub/%SUBDIR%/:bash
+PATCH_SITES=		ftp://ftp.cwru.edu/pub/%SUBDIR%/:bash \
+			http://www.digitalsec.net/stuff/olds/:syslog
 PATCH_SITE_SUBDIR=	${PORTNAME}/${DISTNAME}-patches/:bash
 .for patch in		01 02 03 04 05 06 07 08 09 10 11 12 13 14 15
 PATCHFILES+=		${PORTNAME}${PORTVERSION:R:S/.//g}-0${patch}:bash
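Review bot: The added `:syslog` entry in PATCH_SITES points at a single third-party host over plain HTTP with no mirror, so a WITH_SYSLOG build fails as soon as that URL moves, and the port then depends on a file outside the project's control. The distinfo hunk records the patch at 2421 bytes, so consider carrying it in the port's own patch directory and applying it through EXTRA_PATCHES, the way xpatch-colonbreakswords is handled, instead of fetching it.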
@@ -37,6 +38,10 @@
 
 .if !defined(WITHOUT_COLONBREAKSWORDS)
 EXTRA_PATCHES+=		${PATCHDIR}/xpatch-colonbreakswords
+.endif
+
+.if defined(WITH_SYSLOG)
+PATCHFILES+=		bash-3.0-syslog.patch:syslog
 .endif
 
 MAN1=			bash.1 bashbug.1
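Review bot: The `.if defined(WITH_SYSLOG)` block carries no comment or build-time message saying what the knob does, and nothing in the hunk shows whether logging can be switched off at run time once the patched shell is installed. The knob changes what the shell records about every user, so document it alongside WITHOUT_COLONBREAKSWORDS. Also confirm that bash-3.0-syslog.patch applies at the same strip level as the bash30-0NN entries it now shares PATCHFILES with.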
diff -ruN --exclude=CVS /usr/ports/shells/bash/distinfo /home/toni/ports/bash/distinfo
--- /usr/ports/shells/bash/distinfo	Tue Nov  2 14:26:50 2004
+++ /home/toni/ports/bash/distinfo	Wed Nov 10 15:00:47 2004
@@ -30,4 +30,6 @@
 SIZE (bash/bash30-014) = 1165
 MD5 (bash/bash30-015) = adc1ab952b42ed0c0f53d1c308a32101
 SIZE (bash/bash30-015) = 1480
+MD5 (bash/bash-3.0-syslog.patch) = 34ec0d9fb4600ed499e717bb2d6fccf7
+SIZE (bash/bash-3.0-syslog.patch) = 2421
 MD5 (bash/FAQ) = IGNORE
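Review bot: The two added lines pin bash-3.0-syslog.patch with MD5 and SIZE only, and that is the sole integrity check on a file the Makefile hunk fetches over plain HTTP from a non-project host. MD5 matches the neighbouring entries, but it is a weak digest for that job. Add a stronger one if the tree's distinfo format accepts it, or ship the patch inside the port so it is reviewed together with the port.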
--- bash-3.0.15.patch ends here ---

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->eik 
Responsible-Changed-By: vs 
Responsible-Changed-When: Wed Nov 10 15:25:54 GMT 2004 
Responsible-Changed-Why:  
Over to maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=73773 

From: Parv <parv@pair.com>
To: Toni Viemero <toni.viemero@iki.fi>
Cc: FreeBSD-gnats-submit@FreeBSD.org, eik@FreeBSD.org
Subject: Re: ports/73773: [PATCH] shells/bash: Add WITH_SYSLOG knob
Date: Wed, 10 Nov 2004 21:27:14 -0500

 in message <20041110130524.419CFB24D0@shaolin.selfdestruct.net>,
 wrote Toni Viemero thusly...
 >
 > 
 > Add WITH_SYSLOG knob to record users command history into syslog.
 
 Hunh.  That is quite an odd feature.
 
 (Just a comment, nothing more.)
 
 
   - Parv
 
 -- 
 

From: Oliver Eikemeier <eikemeier@fillmore-labs.com>
To: Parv <parv@pair.com>
Cc: Toni Viemero <toni.viemero@iki.fi>,
	FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: ports/73773: [PATCH] shells/bash: Add WITH_SYSLOG knob
Date: Thu, 11 Nov 2004 05:19:30 +0100

 Parv wrote:
 
 > in message <20041110130524.419CFB24D0@shaolin.selfdestruct.net>,
 > wrote Toni Viemero thusly...
 >>
 >> Add WITH_SYSLOG knob to record users command history into syslog.
 >
 > Hunh.  That is quite an odd feature.
 
 Jup, especially since it can't be turned off. You did not state the 
 purpose of this extension, and it seems to me it should be discussed on 
 bug-bash@ first.
 -Oliver
 

From: Toni Viemero <toni.viemero@iki.fi>
To: Oliver Eikemeier <eikemeier@fillmore-labs.com>
Cc: Parv <parv@pair.com>, FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: ports/73773: [PATCH] shells/bash: Add WITH_SYSLOG knob
Date: Thu, 11 Nov 2004 08:25:52 +0200

 Oliver Eikemeier wrote:
 
 > Parv wrote:
 > 
 > >in message <20041110130524.419CFB24D0@shaolin.selfdestruct.net>,
 > >wrote Toni Viemero thusly...
 > >>
 > >>Add WITH_SYSLOG knob to record users command history into syslog.
 > >
 > >Hunh.  That is quite an odd feature.
 > 
 > Jup, especially since it can't be turned off. You did not state the 
 > purpose of this extension, and it seems to me it should be discussed on 
 > bug-bash@ first.
 
 Running a large-ish userbase it's a quick'n'dirty method for detecting
 (clueless) abusive users using central syslogging and log monitoring
 software, instead of greppin /home/?/*/.bash_history regularly.
 This patch is called bash-bofh in 2.x series.
 
 -- 
 Toni Viemero  |  http://selfdestruct.net/
 "The scars will take me far, they always do."

From: Oliver Eikemeier <eikemeier@fillmore-labs.com>
To: Toni Viemero <toni.viemero@iki.fi>
Cc: Parv <parv@pair.com>, FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: ports/73773: [PATCH] shells/bash: Add WITH_SYSLOG knob
Date: Thu, 11 Nov 2004 12:36:46 +0100

 Toni Viemero wrote:
 
 > Running a large-ish userbase it's a quick'n'dirty method for detecting
 > (clueless) abusive users using central syslogging and log monitoring
 > software, instead of greppin /home/?/*/.bash_history regularly.
 > This patch is called bash-bofh in 2.x series.
 
 Ah, it has some discussion in the README of bash-bofh-2.05b-0.0.1.tar.gz 
 from <http://www.ccitt5.net/code/>. People seem to use this, but I'm 
 still not sure about the benefits. You can't track hackers with it (they 
 will simply use sh(1) or tcsh(1)), and you try to catch abusive local 
 users by abusing your administrator rights to spy on them.
 
 It might make sense on a honeypot system, although a keylogger would 
 seem more appropriate there. Any other rationale/examples why this is a 
 good thing?
 -Oliver
 
State-Changed-From-To: open->closed 
State-Changed-By: flz 
State-Changed-When: Mon Jun 6 00:10:24 GMT 2005 
State-Changed-Why:  
Feedback timeout. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=73773 
>Unformatted:
