Manage Learn to apply best practices and optimize your operations.

Logging commands as su user

Ken Milberg recommends using Sudosh, an RPM with the ability to play back enter sessions of commands from logins as su user.

How do you log commands run as su user? If you use sudo to su, no corresponding commands are logged by sudo, only the initial su (the same happens if you enter a shell). In a home environment, this is fine. In real life, it is necessary to su at times, so denying su access through sudo isn't practical. I need to record everything done on the system.

I share your pain, as I used to have this same problem and in the past had written scripts to accomplish this....

Today, all you need to do is use sudosh. Sudosh (an RPM) works with sudo to provide a shell that users would use for full root access, which ensures that the detailed logs are kept.

Sudosh actually records all keystrokes with the output, and can play back entire sessions like a VCR! It is very simple to set up and actually comes in two parts, sudosh and sudoshd. Sudosh is the actual program that one would call from sudo.

This was last published in April 2007

Dig Deeper on Linux servers



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.