There is a git server, all users are connected via ssh , git-shell used as a git-shell .
Is it possible to write to the log all commands sent to the server from users?
2 answers
gitolite do not want to use gitolite yet.
I read an interesting article http://habrahabr.ru/post/186732/
Enabled ForceCommand hook in sshd settings
The hook script itself:
#!/bin/sh if [ ! -z "${SSH_ORIGINAL_COMMAND}" ]; then printf "%s - %s ip:%s. Runs a command: %s\n" $(date +%H:%M:%S) "${USER}" $(echo ${SSH_CLIENT} | awk '{print $1}') "${SSH_ORIGINAL_COMMAND}" >> /var/log/ssh/${USER}-$(date +%Y-%m-%d).log git-shell -c "$SSH_ORIGINAL_COMMAND" else cat /etc/motd ${SHELL} fi Put it in /usr/sbin and a symbolic link in each user's git-shell-commands .
Can anyone have more suggestions?
Nofate ♦
32.6k 13 gold signs 57 silver marks 86 bronze marks
al7 al7
41 7 bronze marks
|
Glancing at the git-shell source , I see that the logging tools are not supposed to be provided.
Ie, we need some kind of wrapper .
Which can be used, for example, /usr/bin/script (see man script ).
As an alternative, I suggest using the gitolite package, which is present, as far as I know, in all popular distributions. There is logging (usually even enabled by default).
Nicolas Chabanovsky ♦
38.1k 54 gold marks 222 silver marks 438 bronze marks
aleksandr barakin aleksandr barakin
56.9k 13 gold signs 49 silver marks 172 bronze marks
|