Date: Tue, 17 Jul 2001 17:25:09 -0400 (EDT) From: Jeff Ito <jeffi@rcn.com> To: nathan@corp.wac.com Cc: freebsd-security@freebsd.org Subject: Re: Exec logging, FreeBSD Kernel Module. Message-ID: <Pine.BSF.3.96.1010717172418.57255A-100000@dros.delnoch.net> In-Reply-To: <008e01c10efa$29d98a60$f5c8a8c0@NATHAN>
next in thread | previous in thread | raw e-mail | index | archive | help
if you look at the LINT file this is listed: pseudo-device snp 3 #Snoop device - to look at pty/vty/etc.. --- Jeff > got everything working with watch, i guess i've been to drunk to notice that > i > didn't do a damn MAKEDEV.. sorry about that. i figured i did. =\ > > have a great day. > > > ----- Original Message ----- > From: "Steven Ames" <steve@virtual-voodoo.com> > To: <nathan@corp.wac.com>; "jono@networkcommand.com" <jono@microshaft.org> > Cc: <freebsd-security@FreeBSD.ORG> > Sent: Tuesday, July 17, 2001 12:08 PM > Subject: Re: Exec logging, FreeBSD Kernel Module. > > > > Sure. However you have to have 'snp' devices configured into the kernel. > > > > device snp > > > > In 4.X that may read something more like: > > > > device snp 1 > > > > I don't remember. > > > > -Steve > > > > ----- Original Message ----- > > From: <nathan@corp.wac.com> > > To: "jono@networkcommand.com" <jono@microshaft.org> > > Cc: <freebsd-security@FreeBSD.ORG> > > Sent: Tuesday, July 17, 2001 2:11 PM > > Subject: Re: Exec logging, FreeBSD Kernel Module. > > > > > > > > > > to reply to your last message.. i've never been able to get watch to > work > > > properly. has anyone else? > > > > > > > > > ----- Original Message ----- > > > From: "Jon O ." <jono@microshaft.org> > > > To: "Artur Meski" <glash@freebsd.net.pl> > > > Cc: <freebsd-security@FreeBSD.ORG> > > > Sent: Tuesday, July 17, 2001 10:42 AM > > > Subject: Re: Exec logging, FreeBSD Kernel Module. > > > > > > > > > > See below: > > > > > > > > > > > > # man watch > > > > WATCH(8) FreeBSD System Manager's Manual > > > WATCH(8) > > > > > > > > NAME > > > > watch - snoop on another tty line > > > > > > > > SYNOPSIS > > > > watch [-ciotnW] [tty] > > > > > > > > DESCRIPTION > > > > Watch allows the superuser to examine all data coming through a > > > specified > > > > tty. Watch writes to standard output. > > > > > > > > > > > > > > > > # man snp > > > > SNP(4) FreeBSD Kernel Interfaces Manual > > > SNP(4) > > > > > > > > NAME > > > > snp - tty snoop interface > > > > > > > > SYNOPSIS > > > > #include <sys/snoop.h> > > > > > > > > > > > > > > > > > > > > On 17-Jul-2001, Artur Meski wrote: > > > > > Hi. > > > > > > > > > > I'm looking for FreeBSD Kernel Module, which will log all executed > > > commands > > > > > by users. Could somebody help me? > > > > > > > > > > -- > > > > > Artur Meski [glash@freebsd.net.pl] [tel +48606494552] > > > [http://glash.black.pl/] > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.1010717172418.57255A-100000>