Script
Aus SchnallIchNet
Inhaltsverzeichnis
script
record shell logins to your system for what ever reason...
records ervery interaction...
script -t -a -f -q [filename]
- if filename is not given a file named 'typescript' is created...
- -t write timing information (for replay) to STDERR. Use '2> timing-file' to catch
- -a append to file
- -f flush output after each line
- -q be quiet
scriptreplay
this perl script is used to replay typescript-files recorded by script command
you will habe to force script to output timing information.
usage:
scriptreplay timingfile [typescript [divisor]]
divisor argument can be used to play the file faster than it was recorded
e.g. a divisor of 2 will play the file twice fast as recorded.
the perl-script
#!/usr/bin/perl -w # "script -t" will output a typescript with timings # this script "scriptreplay" replays it # run pod2man on it to get a man page =head1 NAME scriptreplay - play back typescripts, using timing information =head1 SYNOPSIS scriptreplay timingfile [typescript [divisor]] =head1 DESCRIPTION This program replays a typescript, using timing information to ensure that output happens at the same speed as it originally appeared when the script was recorded. It is only guaranteed to work properly if run on the same terminal the script was recorded on. The timings information is what script outputs to standard error if it is run with the -t parameter. By default, the typescript to display is assumed to be named "typescript", but other filenames may be specified, as the second parameter. If the third parameter exits, it is used as a time divisor. For example, specifying a divisor of 2 makes the script be replayed twice as fast. =head1 EXAMPLE % script -t 2> timingfile Script started, file is typescript % ls <etc, etc> % exit Script done, file is typescript % scriptreplay timingfile =cut use strict; $|=1; open (TIMING, shift) or die "cannot read timing info: $!"; open (TYPESCRIPT, shift || 'typescript') or die "cannot read typescript: $!"; my $divisor=shift || 1; # Read starting timestamp line and ignore. <TYPESCRIPT>; my $block; my $oldblock=''; while (<TIMING>) { my ($delay, $blocksize)=split ' ', $_, 2; # Sleep, unless the delay is really tiny. Really tiny delays cannot # be accurately done, because the system calls in this loop will # have more overhead. The 0.0001 is arbitrary, but works fairly well. if ($delay / $divisor > 0.0001) { select(undef, undef, undef, $delay / $divisor - 0.0001); } read(TYPESCRIPT, $block, $blocksize) or die "read failure on typescript: $!"; print $oldblock; $oldblock=$block; } print $oldblock; =head1 SEE ALSO script(1) =head1 COPYRIGHT This program is in the public domain. =head1 AUTHOR Joey Hess <joey@kitenet.net>
Misc
Audit all users
nice snippet for /etc/profile to audit all users logging in...
beware of locking out youself from the system! keep a terminal open
until verified script is working...
# # enable typescript for all users # by Colin van Niekerk # # extended and debianized # by Christoph Steidl # LogMailAddress="emailAddress@your_co.com" LOGDIR="/tmp/typescripts" TS_FILENAME="$HOSTNAME-$USER-`date +%Y%m%d%H%M%S`" # make sure script is installed SCRIPT=`which script` if [ $? -ne 0 ]; then echo "script not found."; exit 1; fi #Make sure the system can be used as is for logging, if it is not, make it ready if [ ! -d $LOGDIR ] then rm -rf $LOGDIR mkdir $LOGDIR chmod 777 $LOGDIR fi clean_exit () { # Delivery the logs to a remote mailbox for future use MUTT=`which mutt`; if [ $? -eq 0 ]; then echo "" | $MUTT -s "$TS_FILENAME" $LogMailAddress -a $LOGDIR/$TS_FILENAME -a $LOGDIR/$TS_FILENAME.timing; fi exit; } # Ensure that clean_exit runs pretty much no matter what exit code it detects trap 'clean_exit' 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 26 # Create the logging file to be used touch $LOGDIR/$TS_FILENAME touch $LOGDIR/$TS_FILENAME.timing chmod 600 $LOGDIR/$TS_FILENAME chmod 600 $LOGDIR/$TS_FILENAME.timing # Run script to enable the actual logging $SCRIPT -t -q $LOGDIR/$TS_FILENAME 2> $LOGDIR/$TS_FILENAME.timing # Make the file readonly chmod 400 $LOGDIR/$TS_FILENAME chmod 400 $LOGDIR/$TS_FILENAME.timing clean_exit