Annotation of embedaddon/sudo/doc/sudoreplay.cat, revision 1.1.1.3
1.1.1.3 ! misho 1: SUDOREPLAY(1m) System Manager's Manual SUDOREPLAY(1m)
1.1 misho 2:
3: N�NA�AM�ME�E
1.1.1.3 ! misho 4: s�su�ud�do�or�re�ep�pl�la�ay�y - replay sudo session logs
1.1 misho 5:
6: S�SY�YN�NO�OP�PS�SI�IS�S
1.1.1.3 ! misho 7: s�su�ud�do�or�re�ep�pl�la�ay�y [-�-h�h] [-�-d�d _�d_�i_�r_�e_�c_�t_�o_�r_�y] [-�-f�f _�f_�i_�l_�t_�e_�r] [-�-m�m _�m_�a_�x_�__�w_�a_�i_�t]
! 8: [-�-s�s _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r] ID
1.1 misho 9:
1.1.1.3 ! misho 10: s�su�ud�do�or�re�ep�pl�la�ay�y [-�-h�h] [-�-d�d _�d_�i_�r_�e_�c_�t_�o_�r_�y] -�-l�l [search expression]
1.1 misho 11:
12: D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
1.1.1.3 ! misho 13: s�su�ud�do�or�re�ep�pl�la�ay�y plays back or lists the output logs created by s�su�ud�do�o. When
! 14: replaying, s�su�ud�do�or�re�ep�pl�la�ay�y can play the session back in real-time, or the
! 15: playback speed may be adjusted (faster or slower) based on the command
! 16: line options.
1.1 misho 17:
1.1.1.3 ! misho 18: The _�I_�D should either be a six character sequence of digits and upper case
! 19: letters, e.g. 0100A5, or a pattern matching the _�i_�o_�l_�o_�g_�__�f_�i_�l_�e option in the
! 20: _�s_�u_�d_�o_�e_�r_�s file. When a command is run via s�su�ud�do�o with _�l_�o_�g_�__�o_�u_�t_�p_�u_�t enabled in
! 21: the _�s_�u_�d_�o_�e_�r_�s file, a TSID=ID string is logged via syslog or to the s�su�ud�do�o
! 22: log file. The _�I_�D may also be determined using s�su�ud�do�or�re�ep�pl�la�ay�y's list mode.
1.1 misho 23:
1.1.1.3 ! misho 24: In list mode, s�su�ud�do�or�re�ep�pl�la�ay�y can be used to find the ID of a session based on
! 25: a number of criteria such as the user, tty or command run.
1.1 misho 26:
1.1.1.3 ! misho 27: In replay mode, if the standard output has not been redirected,
! 28: s�su�ud�do�or�re�ep�pl�la�ay�y will act on the following keys:
1.1 misho 29:
1.1.1.3 ! misho 30: ` ' (space) Pause output; press any key to resume.
1.1 misho 31:
1.1.1.3 ! misho 32: `<' Reduce the playback speed by one half.
1.1 misho 33:
1.1.1.3 ! misho 34: `>' Double the playback speed.
1.1 misho 35:
1.1.1.3 ! misho 36: The options are as follows:
1.1 misho 37:
1.1.1.3 ! misho 38: -�-d�d _�d_�i_�r_�e_�c_�t_�o_�r_�y Use _�d_�i_�r_�e_�c_�t_�o_�r_�y to for the session logs instead of the
1.1 misho 39: default, _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o.
40:
1.1.1.3 ! misho 41: -�-f�f _�f_�i_�l_�t_�e_�r By default, s�su�ud�do�or�re�ep�pl�la�ay�y will play back the command's
! 42: standard output, standard error and tty output. The -�-f�f
1.1 misho 43: option can be used to select which of these to output. The
44: _�f_�i_�l_�t_�e_�r argument is a comma-separated list, consisting of
45: one or more of following: _�s_�t_�d_�o_�u_�t, _�s_�t_�d_�e_�r_�r, and _�t_�t_�y_�o_�u_�t.
46:
1.1.1.3 ! misho 47: -�-h�h The -�-h�h (_�h_�e_�l_�p) option causes s�su�ud�do�or�re�ep�pl�la�ay�y to print a short
1.1 misho 48: help message to the standard output and exit.
49:
1.1.1.3 ! misho 50: -�-l�l [_�s_�e_�a_�r_�c_�h _�e_�x_�p_�r_�e_�s_�s_�i_�o_�n]
! 51: Enable ``list mode''. In this mode, s�su�ud�do�or�re�ep�pl�la�ay�y will list
1.1.1.2 misho 52: available sessions in a format similar to the s�su�ud�do�o log file
53: format, sorted by file name (or sequence number). If a
54: _�s_�e_�a_�r_�c_�h _�e_�x_�p_�r_�e_�s_�s_�i_�o_�n is specified, it will be used to restrict
55: the IDs that are displayed. An expression is composed of
56: the following predicates:
1.1 misho 57:
1.1.1.3 ! misho 58: command _�p_�a_�t_�t_�e_�r_�n
1.1 misho 59: Evaluates to true if the command run matches
1.1.1.3 ! misho 60: _�p_�a_�t_�t_�e_�r_�n. On systems with POSIX regular expression
! 61: support, the pattern may be an extended regular
! 62: expression. On systems without POSIX regular
! 63: expression support, a simple substring match is
! 64: performed instead.
1.1 misho 65:
66: cwd _�d_�i_�r_�e_�c_�t_�o_�r_�y
67: Evaluates to true if the command was run with the
68: specified current working directory.
69:
70: fromdate _�d_�a_�t_�e
71: Evaluates to true if the command was run on or
1.1.1.3 ! misho 72: after _�d_�a_�t_�e. See _�D_�a_�t_�e _�a_�n_�d _�t_�i_�m_�e _�f_�o_�r_�m_�a_�t for a
1.1 misho 73: description of supported date and time formats.
74:
75: group _�r_�u_�n_�a_�s_�__�g_�r_�o_�u_�p
76: Evaluates to true if the command was run with the
77: specified _�r_�u_�n_�a_�s_�__�g_�r_�o_�u_�p. Note that unless a
78: _�r_�u_�n_�a_�s_�__�g_�r_�o_�u_�p was explicitly specified when s�su�ud�do�o was
79: run this field will be empty in the log.
80:
81: runas _�r_�u_�n_�a_�s_�__�u_�s_�e_�r
82: Evaluates to true if the command was run as the
83: specified _�r_�u_�n_�a_�s_�__�u_�s_�e_�r. Note that s�su�ud�do�o runs commands
84: as user _�r_�o_�o_�t by default.
85:
86: todate _�d_�a_�t_�e
87: Evaluates to true if the command was run on or
1.1.1.3 ! misho 88: prior to _�d_�a_�t_�e. See _�D_�a_�t_�e _�a_�n_�d _�t_�i_�m_�e _�f_�o_�r_�m_�a_�t for a
1.1 misho 89: description of supported date and time formats.
90:
1.1.1.3 ! misho 91: tty _�t_�t_�y _�n_�a_�m_�e
! 92: Evaluates to true if the command was run on the
! 93: specified terminal device. The _�t_�t_�y _�n_�a_�m_�e should be
! 94: specified without the _�/_�d_�e_�v_�/ prefix, e.g. _�t_�t_�y_�0_�1
1.1 misho 95: instead of _�/_�d_�e_�v_�/_�t_�t_�y_�0_�1.
96:
97: user _�u_�s_�e_�r _�n_�a_�m_�e
98: Evaluates to true if the ID matches a command run
99: by _�u_�s_�e_�r _�n_�a_�m_�e.
100:
101: Predicates may be abbreviated to the shortest unique string
102: (currently all predicates may be shortened to a single
103: character).
104:
105: Predicates may be combined using _�a_�n_�d, _�o_�r and _�! operators as
1.1.1.3 ! misho 106: well as `(' and `)' grouping (note that parentheses must
! 107: generally be escaped from the shell). The _�a_�n_�d operator is
! 108: optional, adjacent predicates have an implied _�a_�n_�d unless
! 109: separated by an _�o_�r.
1.1 misho 110:
1.1.1.3 ! misho 111: -�-m�m _�m_�a_�x_�__�w_�a_�i_�t Specify an upper bound on how long to wait between key
! 112: presses or output data. By default, s�su�ud�do�or�re�ep�pl�la�ay�y will
1.1 misho 113: accurately reproduce the delays between key presses or
114: program output. However, this can be tedious when the
1.1.1.3 ! misho 115: session includes long pauses. When the -�-m�m option is
1.1 misho 116: specified, s�su�ud�do�or�re�ep�pl�la�ay�y will limit these pauses to at most
117: _�m_�a_�x_�__�w_�a_�i_�t seconds. The value may be specified as a floating
1.1.1.3 ! misho 118: point number, e.g. _�2_�._�5.
1.1 misho 119:
1.1.1.3 ! misho 120: -�-s�s _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r
1.1 misho 121: This option causes s�su�ud�do�or�re�ep�pl�la�ay�y to adjust the number of
122: seconds it will wait between key presses or program output.
123: This can be used to slow down or speed up the display. For
124: example, a _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r of _�2 would make the output twice as
1.1.1.3 ! misho 125: fast whereas a _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r of _�._�5 would make the output
1.1 misho 126: twice as slow.
127:
1.1.1.3 ! misho 128: -�-V�V The -�-V�V (_�v_�e_�r_�s_�i_�o_�n) option causes s�su�ud�do�or�re�ep�pl�la�ay�y to print its
1.1 misho 129: version number and exit.
130:
131: D�Da�at�te�e a�an�nd�d t�ti�im�me�e f�fo�or�rm�ma�at�t
1.1.1.3 ! misho 132: The time and date may be specified multiple ways, common formats include:
1.1 misho 133:
1.1.1.3 ! misho 134: HH:MM:SS am MM/DD/CCYY timezone
! 135: 24 hour time may be used in place of am/pm.
1.1 misho 136:
1.1.1.3 ! misho 137: HH:MM:SS am Month, Day Year timezone
! 138: 24 hour time may be used in place of am/pm, and month and day
! 139: names may be abbreviated. Note that month and day of the week
! 140: names must be specified in English.
1.1 misho 141:
1.1.1.3 ! misho 142: CCYY-MM-DD HH:MM:SS
! 143: ISO time format
1.1 misho 144:
1.1.1.3 ! misho 145: DD Month CCYY HH:MM:SS
! 146: The month name may be abbreviated.
1.1 misho 147:
1.1.1.3 ! misho 148: Either time or date may be omitted, the am/pm and timezone are optional.
! 149: If no date is specified, the current day is assumed; if no time is
! 150: specified, the first second of the specified date is used. The less
! 151: significant parts of both time and date may also be omitted, in which
! 152: case zero is assumed.
1.1 misho 153:
1.1.1.3 ! misho 154: The following are all valid time and date specifications:
1.1 misho 155:
1.1.1.3 ! misho 156: now The current time and date.
1.1 misho 157:
1.1.1.3 ! misho 158: tomorrow
! 159: Exactly one day from now.
1.1 misho 160:
1.1.1.3 ! misho 161: yesterday
! 162: 24 hours ago.
1.1 misho 163:
1.1.1.3 ! misho 164: 2 hours ago
! 165: 2 hours ago.
1.1 misho 166:
1.1.1.3 ! misho 167: next Friday
! 168: The first second of the next Friday.
1.1 misho 169:
1.1.1.3 ! misho 170: this week
! 171: The current time but the first day of the coming week.
1.1 misho 172:
1.1.1.3 ! misho 173: a fortnight ago
! 174: The current time but 14 days ago.
1.1 misho 175:
1.1.1.3 ! misho 176: 10:01 am 9/17/2009
! 177: 10:01 am, September 17, 2009.
1.1 misho 178:
1.1.1.3 ! misho 179: 10:01 am
! 180: 10:01 am on the current day.
1.1 misho 181:
1.1.1.3 ! misho 182: 10 10:00 am on the current day.
1.1 misho 183:
1.1.1.3 ! misho 184: 9/17/2009
! 185: 00:00 am, September 17, 2009.
1.1 misho 186:
1.1.1.3 ! misho 187: 10:01 am Sep 17, 2009
! 188: 10:01 am, September 17, 2009.
1.1 misho 189:
190: F�FI�IL�LE�ES�S
1.1.1.3 ! misho 191: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o The default I/O log directory.
1.1 misho 192:
1.1.1.3 ! misho 193: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�l_�o_�g
1.1 misho 194: Example session log info.
195:
1.1.1.3 ! misho 196: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�s_�t_�d_�i_�n
1.1 misho 197: Example session standard input log.
198:
1.1.1.3 ! misho 199: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�s_�t_�d_�o_�u_�t
1.1 misho 200: Example session standard output log.
201:
1.1.1.3 ! misho 202: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�s_�t_�d_�e_�r_�r
1.1 misho 203: Example session standard error log.
204:
1.1.1.3 ! misho 205: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�t_�t_�y_�i_�n
1.1 misho 206: Example session tty input file.
207:
1.1.1.3 ! misho 208: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�t_�t_�y_�o_�u_�t
1.1 misho 209: Example session tty output file.
210:
1.1.1.3 ! misho 211: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�t_�i_�m_�i_�n_�g
1.1 misho 212: Example session timing file.
213:
1.1.1.3 ! misho 214: Note that the _�s_�t_�d_�i_�n, _�s_�t_�d_�o_�u_�t and _�s_�t_�d_�e_�r_�r files will be empty unless s�su�ud�do�o
! 215: was used as part of a pipeline for a particular command.
1.1 misho 216:
217: E�EX�XA�AM�MP�PL�LE�ES�S
1.1.1.3 ! misho 218: List sessions run by user _�m_�i_�l_�l_�e_�r_�t:
1.1 misho 219:
1.1.1.3 ! misho 220: # sudoreplay -l user millert
1.1 misho 221:
1.1.1.3 ! misho 222: List sessions run by user _�b_�o_�b with a command containing the string vi:
1.1 misho 223:
1.1.1.3 ! misho 224: # sudoreplay -l user bob command vi
1.1 misho 225:
1.1.1.3 ! misho 226: List sessions run by user _�j_�e_�f_�f that match a regular expression:
1.1 misho 227:
1.1.1.3 ! misho 228: # sudoreplay -l user jeff command '/bin/[a-z]*sh'
1.1 misho 229:
1.1.1.3 ! misho 230: List sessions run by jeff or bob on the console:
1.1 misho 231:
1.1.1.3 ! misho 232: # sudoreplay -l ( user jeff or user bob ) tty console
1.1 misho 233:
234: S�SE�EE�E A�AL�LS�SO�O
1.1.1.3 ! misho 235: sudo(1m), script(1)
1.1 misho 236:
1.1.1.3 ! misho 237: A�AU�UT�TH�HO�OR�RS�S
! 238: Todd C. Miller
1.1 misho 239:
240: B�BU�UG�GS�S
1.1.1.3 ! misho 241: If you feel you have found a bug in s�su�ud�do�or�re�ep�pl�la�ay�y, please submit a bug
! 242: report at http://www.sudo.ws/sudo/bugs/
1.1 misho 243:
244: S�SU�UP�PP�PO�OR�RT�T
1.1.1.3 ! misho 245: Limited free support is available via the sudo-users mailing list, see
! 246: http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the
! 247: archives.
1.1 misho 248:
249: D�DI�IS�SC�CL�LA�AI�IM�ME�ER�R
1.1.1.3 ! misho 250: s�su�ud�do�or�re�ep�pl�la�ay�y is provided ``AS IS'' and any express or implied warranties,
! 251: including, but not limited to, the implied warranties of merchantability
! 252: and fitness for a particular purpose are disclaimed. See the LICENSE
! 253: file distributed with s�su�ud�do�o or http://www.sudo.ws/sudo/license.html for
! 254: complete details.
1.1 misho 255:
1.1.1.3 ! misho 256: Sudo 1.8.6 July 12, 2012 Sudo 1.8.6
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sudoreplay.cat CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / doc