安装依旧文档应该没有什么太大问题
需要注意的几个方面:
1/针对哪些shell 审计,需要修改的地方,记录日志格式的地方,可能是io_logging.conf或其它也有可能
####内容如下#####
logprogs = {"sh","bash"}; ##在HX-UX或SOLARIS中,可有是"csh","sh"
logyear = strftime("%C%y");
#logyear = logyear+4;
logmonth = strftime("%m");
logday = strftime("%d");
logtime = strftime("%H%M%S");
from_ip=getenv("MY_IP","127.0.0.1");
#id = getenv("PID");
if (command in logprogs)
{
#iolog = logmktemp("/var/log/pb/"+ user + "_"+from_ip+"_"+ logyear+"-"+logmonth+"-"+logday+"_"+logtime+"_"+id+"_"+"XXXXXX");
iolog = logmktemp("/var/log/pb/"+ user + "_"+from_ip+"_"+ logyear+"-"+logmonth+"-"+logday+"_"+logtime+"_"+"XXXXXX");
runargv = {"-" + command};
print("Everything you do will be logged in:", iolog);
accept;
}
2/修改用户的SHELL,将其改为系统中存在的且为可以记录的SHELL
LINUX下通过是bash或sh
3/ 在用户目录下需要加一个.profile文件,定义些环境变量,并且执行pbrun这个命令,此命令执行后一定要EXIT的,否则后面无法执行菜单
# .profile
##################################################
# User Login Scirpt
# Modify at 20060113 By Kurau Co.Ltd
#
##################################################
trap '' 2 3
PATH=$PATH:$HOME/bin
export PATH
unset USERNAME
#MY_IP=`echo $SSH_CLIENT|awk -F" " '{print $1}'`
MY_DATE=`date "+%a %b %e %H:%M"`
MY_IP=`last $LOGNAME |grep -v "local"|grep -v "Symark-CLi"|grep "$MY_DATE"`
MY_IP=`echo $MY_IP|awk -F " " '{print $3}'`
if [ ! -n "$MY_IP" ]
then
MY_DATE=`date "+%a %b %e %H:%M"`
MY_IP=`last $LOGNAME |grep -v "local"|grep -v "Symark-CLi"|grep "$MY_DATE"`
MY_IP=`echo $MY_IP|awk -F " " '{print $3}'`
fi
export MY_IP
/usr/local/bin/pbrun bash
exit
4/修改.bash_profile文件
# .bash_profile
##################################################
# User Login Scirpt
# Modify at 20060113 By Kurau Co.Ltd
#
##################################################
trap ¡®¡¯ 2 3
PID="$$"
export PID
PATH=$PATH:$HOME/bin
export PATH
unset USERNAME
/usr/local/symark/menu.sh
exit
