May 26, 2018
Audited shells in Perl with sudo(8) and script(1)
Sudoscript provides an audited shell using sudo8 and script1. The front end script, sudoshell1 contacts the daemon, sudoscriptd8. They agree on the location of a FIFO, which the daemon opens for read. Sudoshell then runs script1 with the FIFO as a typescript. The daemon stamps each line of the script1 output with a session id, then passes the data over to another daemon. This daemon timestamps the data and stores it in a log file which is /var/log/sudoscript. This daemon also keeps an eye on the size of log files, and forks a rotator/compressor when it exceeds 2 MBytes.