summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-04-05Add auditing support to bashStephen Hemminger
This is based on earlier (unaccepted) patch to add auditing support which wasd done by Steve Grubb at Redhat. This patch depends on audit 1.4 to provide a logging function. The resulting audit message looks like this: time->Tue Jan 30 18:23:45 2007 type=USER_CMD msg=audit(1170199425.793:143): user pid=22862 uid=0 auid=0 subj=system_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='cwd=2F726F6F742F7465737420646972 cmd=6C73202D6C (terminal=tty1 res=success)' Which translates to: type=USER_CMD msg=audit(01/30/2007 18:23:45.793:143) : user pid=22862 uid=root auid=root subj=system_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='cwd=/root/test dir cmd=ls -l (terminal=tty1 res=success)' This patch causes bash to log all command line arguments when the shell is started as aubash or "bash --audit". The preferred methos is to make a symlink frp, bash to aubash and then add aubash to /etc/shells. Then you can change root's shell to aubash.
2010-03-103.1dfsg-8-vyatta-16debian/3.1dfsg-8-vyatta-16Stephen Hemminger
2010-03-10Add installation/removal scripts for vbashStephen Hemminger
Need to update /etc/shells so commands (like newrole), think vbash is a valid shell.
2010-03-10Update FSF addressStephen Hemminger
Fixes lintian warning about old FSF address.
2010-02-173.1dfsg-8-vyatta-15debian/3.1dfsg-8-vyatta-15An-Cheng Huang
2009-06-023.1dfsg-8-vyatta-14debian/3.1dfsg-8-vyatta-14Bob Gilligan
2009-06-02Bugfix 4108: Check pointers before dereferencing them.Bob Gilligan
2009-05-293.1dfsg-8-vyatta-13debian/3.1dfsg-8-vyatta-13An-Cheng Huang
2008-12-153.1dfsg-8-vyatta-12debian/3.1dfsg-8-vyatta-12An-Cheng Huang
2008-12-12"files" file should be removed before package buildAn-Cheng Huang
2008-12-12update maintainer informationAn-Cheng Huang
2008-12-03Merge branch 'islavista' into jennerRick Balocca
2008-11-253.2.0vyatta/3.2.0debian/3.1dfsg-8-vyatta-11Mark O'Brien
2008-11-19add support for development buildAn-Cheng Huang
2008-08-28remove ! and $ from vbash processing as these are handled by command scripts.slioch
2008-08-28Handle double and single quote within a command argument. First quote turns ↵slioch
on automatic escaping, second turns off. Will support unquoted, single quoted and double quoted forms of text strings.
2008-08-27disable shell interpretation of ![num] when entering configure commands. ↵slioch
this fixes a bug where the negation character in nat/firewall/wlb commands required user escaping.
2008-07-25skipping whitespace at beginning of command when matching set|delete.root
2008-07-25additional special characters to trap, added back free() after additional ↵root
testing, removed generated files from project.
2008-07-24Revert "missing a free from last merge."root
This reverts commit 402da0491b06f6c837f7fe8d28aa8605423928bf.
2008-07-24missing a free from last merge.root
2008-07-24fix for bug 1283. Or partial fix. Now handle and escape special characters ↵root
in vbash shell without requiring quotes on string. only applies to set/delete commands in vbash shell. Behavior is now much closer to juniper shell behavior with special characters.
2008-06-173.1.0vyatta/3.1.4vyatta/3.1.3vyatta/3.1.2vyatta/3.1.1vyatta/3.1.0debian/3.1dfsg-8-vyatta-10hollywoodMark O'Brien
2008-05-20Ignore derived filesrbalocca
2008-05-063.0.5debian/3.1dfsg-8-vyatta-9glendaleMark O'Brien
2008-05-053.0.4debian/3.1dfsg-8-vyatta-8Mark O'Brien
2008-04-293.0.3debian/3.1dfsg-8-vyatta-7Mark O'Brien
2008-04-21Indicate the VC4.0.2 release candidate in the changeloghollisterrbalocca
2008-04-19VC4.0.2debian/3.1dfsg-8-vyatta-6Mark O'Brien
2008-04-16VC4.0.2debian/3.1dfsg-8-vyatta-5Mark O'Brien
2008-04-043.0.2debian/3.1dfsg-8-vyatta-4Mark O'Brien
2008-03-19Merge branch 'glendale' of git:/git/vyatta-bash into glendaleMark O'Brien
Conflicts: debian/changelog
2008-03-183.0.1Mark O'Brien
2008-03-18VC4.0.1debian/3.1dfsg-8-vyatta-3Mark O'Brien
2008-02-25vc4.0.0debian/3.1dfsg-8-vyatta-2Mark O'Brien
2008-02-15Reset the version number to correspond to the version with which we startedrbalocca
2008-02-14fix for bug 2832: limit expansion checking to appropriate commands.An-Cheng Huang
2008-02-13fix for bug 2604: shell accepts '!' by defaultAn-Cheng Huang
2007-12-10Change the vyatta-bash package to have priority Optionaldebian/3.1dfsg-8-vyatta-1rbalocca
2007-12-07remove debug codeAn-Cheng Huang
2007-12-07support external per-level policies controlling default restricted modeAn-Cheng Huang
and allowed op/cfg/pipe commands, i.e., no more hard-coded policies in bash.
2007-12-07code reorgAn-Cheng Huang
2007-12-05restrict allowed operational commands in "full" mode.An-Cheng Huang
2007-12-04use xmalloc insteadAn-Cheng Huang
2007-12-04set default restricted mode based on group (in "vyattacfg" => "output",An-Cheng Huang
otherwise => "full").
2007-11-29sanitize command line in full restricted modeAn-Cheng Huang
2007-11-29restricted modes:An-Cheng Huang
* do not restart completion after a "connector" or a '`'. * only allow simple commands and "pipe" in "full" mode. * add mechanism to limit allowed pipe commands. * remove unnecessary command checks (non-interactive and same command).
2007-11-15update .gitignoreAn-Cheng Huang
2007-11-14* add restricted modes ("output" and "full").An-Cheng Huang
* support "root-level" programmable completion in restricted modes.
2007-11-14change packagingAn-Cheng Huang
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 00:44:18 +0000