From 770e38401ae5489d58d7dd1f45cf27813d100d5e Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 17 Jun 2010 10:05:01 -0700 Subject: Remove AUDIT_SHELL option The concept of logging shell commands through audit subsystem is not useful because it is too hard to configure, requires special privledges, doesn't handle background commands, and is missing the necessary information... --- shell.c | 30 ------------------------------ 1 file changed, 30 deletions(-) (limited to 'shell.c') diff --git a/shell.c b/shell.c index 9836035..1aac510 100644 --- a/shell.c +++ b/shell.c @@ -235,9 +235,6 @@ struct { { "rcfile", Charp, (int *)0x0, &bashrc_file }, #if defined (RESTRICTED_SHELL) { "restricted", Int, &restricted, (char **)0x0 }, -#endif -#if defined (AUDIT_SHELL) - { "audit", Int, &audited, (char **)0x0 }, #endif { "verbose", Int, &echo_input_at_read, (char **)0x0 }, { "version", Int, &do_version, (char **)0x0 }, @@ -637,10 +634,6 @@ main (argc, argv, env) maybe_make_restricted (shell_name); #endif /* RESTRICTED_SHELL */ -#if defined (AUDIT_SHELL) - maybe_make_audited (shell_name); -#endif - if (wordexp_only) { startup_state = 3; @@ -1140,29 +1133,6 @@ maybe_make_restricted (name) } #endif /* RESTRICTED_SHELL */ -#if defined (AUDIT_SHELL) -/* Perhaps make this shell an `audited' one, based on NAME. If the - basename of NAME is "vbash", then this shell is audited. The - name of the audited shell is a configurable option, see config.h. - In an audited shell, all actions performed by root will be logged - to the audit system. - Do this also if `audited' is already set to 1 maybe the shell was - started with --audit. */ -int -maybe_make_audited (name) - char *name; -{ - char *temp; - - temp = base_pathname (name); - if (*temp == '-') - temp++; - if (audited || (STREQ (temp, AUDIT_SHELL_NAME))) - audited = 1; - return (audited); -} -#endif /* AUDIT_SHELL */ - /* Fetch the current set of uids and gids and return 1 if we're running setuid or setgid. */ static int -- cgit v1.2.3