Annotation of embedaddon/sudo/doc/sudoreplay.cat, revision 1.1.1.5
1.1.1.3 misho 1: SUDOREPLAY(1m) System Manager's Manual SUDOREPLAY(1m)
1.1 misho 2:
3: N�NA�AM�ME�E
1.1.1.3 misho 4: s�su�ud�do�or�re�ep�pl�la�ay�y - replay sudo session logs
1.1 misho 5:
6: S�SY�YN�NO�OP�PS�SI�IS�S
1.1.1.5 ! misho 7: s�su�ud�do�or�re�ep�pl�la�ay�y [-�-h�h] [-�-d�d _�d_�i_�r] [-�-f�f _�f_�i_�l_�t_�e_�r] [-�-m�m _�n_�u_�m] [-�-s�s _�n_�u_�m] ID
1.1 misho 8:
1.1.1.5 ! misho 9: s�su�ud�do�or�re�ep�pl�la�ay�y [-�-h�h] [-�-d�d _�d_�i_�r] -�-l�l [search expression]
1.1 misho 10:
11: D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
1.1.1.3 misho 12: s�su�ud�do�or�re�ep�pl�la�ay�y plays back or lists the output logs created by s�su�ud�do�o. When
13: replaying, s�su�ud�do�or�re�ep�pl�la�ay�y can play the session back in real-time, or the
14: playback speed may be adjusted (faster or slower) based on the command
15: line options.
1.1 misho 16:
1.1.1.3 misho 17: The _�I_�D should either be a six character sequence of digits and upper case
18: letters, e.g. 0100A5, or a pattern matching the _�i_�o_�l_�o_�g_�__�f_�i_�l_�e option in the
19: _�s_�u_�d_�o_�e_�r_�s file. When a command is run via s�su�ud�do�o with _�l_�o_�g_�__�o_�u_�t_�p_�u_�t enabled in
20: the _�s_�u_�d_�o_�e_�r_�s file, a TSID=ID string is logged via syslog or to the s�su�ud�do�o
21: log file. The _�I_�D may also be determined using s�su�ud�do�or�re�ep�pl�la�ay�y's list mode.
1.1 misho 22:
1.1.1.3 misho 23: In list mode, s�su�ud�do�or�re�ep�pl�la�ay�y can be used to find the ID of a session based on
24: a number of criteria such as the user, tty or command run.
1.1 misho 25:
1.1.1.3 misho 26: In replay mode, if the standard output has not been redirected,
27: s�su�ud�do�or�re�ep�pl�la�ay�y will act on the following keys:
1.1 misho 28:
1.1.1.3 misho 29: ` ' (space) Pause output; press any key to resume.
1.1 misho 30:
1.1.1.3 misho 31: `<' Reduce the playback speed by one half.
1.1 misho 32:
1.1.1.3 misho 33: `>' Double the playback speed.
1.1 misho 34:
1.1.1.3 misho 35: The options are as follows:
1.1 misho 36:
1.1.1.5 ! misho 37: -�-d�d _�d_�i_�r, -�--�-d�di�ir�re�ec�ct�to�or�ry�y=_�d_�i_�r
! 38: Store session logs in _�d_�i_�r instead of the default,
! 39: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o.
! 40:
! 41: -�-f�f _�f_�i_�l_�t_�e_�r, -�--�-f�fi�il�lt�te�er�r=_�f_�i_�l_�t_�e_�r
! 42: Select which I/O type(s) to display. By default, s�su�ud�do�or�re�ep�pl�la�ay�y
! 43: will display the command's standard output, standard error
! 44: and tty output. The _�f_�i_�l_�t_�e_�r argument is a comma-separated
! 45: list, consisting of one or more of following: _�s_�t_�d_�o_�u_�t, _�s_�t_�d_�e_�r_�r,
! 46: and _�t_�t_�y_�o_�u_�t.
! 47:
! 48: -�-h�h, -�--�-h�he�el�lp�p Display a short help message to the standard output and exit.
! 49:
! 50: -�-l�l, -�--�-l�li�is�st�t [_�s_�e_�a_�r_�c_�h _�e_�x_�p_�r_�e_�s_�s_�i_�o_�n]
! 51: Enable ``list mode''. In this mode, s�su�ud�do�or�re�ep�pl�la�ay�y will list
! 52: available sessions in a format similar to the s�su�ud�do�o log file
! 53: format, sorted by file name (or sequence number). If a
! 54: _�s_�e_�a_�r_�c_�h _�e_�x_�p_�r_�e_�s_�s_�i_�o_�n is specified, it will be used to restrict
! 55: the IDs that are displayed. An expression is composed of the
! 56: following predicates:
! 57:
! 58: command _�p_�a_�t_�t_�e_�r_�n
! 59: Evaluates to true if the command run matches _�p_�a_�t_�t_�e_�r_�n.
! 60: On systems with POSIX regular expression support, the
! 61: pattern may be an extended regular expression. On
! 62: systems without POSIX regular expression support, a
! 63: simple sub-string match is performed instead.
! 64:
! 65: cwd _�d_�i_�r_�e_�c_�t_�o_�r_�y
! 66: Evaluates to true if the command was run with the
! 67: specified current working directory.
! 68:
! 69: fromdate _�d_�a_�t_�e
! 70: Evaluates to true if the command was run on or after
! 71: _�d_�a_�t_�e. See _�D_�a_�t_�e _�a_�n_�d _�t_�i_�m_�e _�f_�o_�r_�m_�a_�t for a description of
! 72: supported date and time formats.
! 73:
! 74: group _�r_�u_�n_�a_�s_�__�g_�r_�o_�u_�p
! 75: Evaluates to true if the command was run with the
! 76: specified _�r_�u_�n_�a_�s_�__�g_�r_�o_�u_�p. Note that unless a
! 77: _�r_�u_�n_�a_�s_�__�g_�r_�o_�u_�p was explicitly specified when s�su�ud�do�o was
! 78: run this field will be empty in the log.
! 79:
! 80: runas _�r_�u_�n_�a_�s_�__�u_�s_�e_�r
! 81: Evaluates to true if the command was run as the
! 82: specified _�r_�u_�n_�a_�s_�__�u_�s_�e_�r. Note that s�su�ud�do�o runs commands
! 83: as user _�r_�o_�o_�t by default.
! 84:
! 85: todate _�d_�a_�t_�e
! 86: Evaluates to true if the command was run on or prior
! 87: to _�d_�a_�t_�e. See _�D_�a_�t_�e _�a_�n_�d _�t_�i_�m_�e _�f_�o_�r_�m_�a_�t for a description
! 88: of supported date and time formats.
! 89:
! 90: tty _�t_�t_�y _�n_�a_�m_�e
! 91: Evaluates to true if the command was run on the
! 92: specified terminal device. The _�t_�t_�y _�n_�a_�m_�e should be
! 93: specified without the _�/_�d_�e_�v_�/ prefix, e.g. _�t_�t_�y_�0_�1
! 94: instead of _�/_�d_�e_�v_�/_�t_�t_�y_�0_�1.
! 95:
! 96: user _�u_�s_�e_�r _�n_�a_�m_�e
! 97: Evaluates to true if the ID matches a command run by
! 98: _�u_�s_�e_�r _�n_�a_�m_�e.
! 99:
! 100: Predicates may be abbreviated to the shortest unique string
! 101: (currently all predicates may be shortened to a single
! 102: character).
! 103:
! 104: Predicates may be combined using _�a_�n_�d, _�o_�r and _�! operators as
! 105: well as `(' and `)' grouping (note that parentheses must
! 106: generally be escaped from the shell). The _�a_�n_�d operator is
! 107: optional, adjacent predicates have an implied _�a_�n_�d unless
! 108: separated by an _�o_�r.
! 109:
! 110: -�-m�m, -�--�-m�ma�ax�x-�-w�wa�ai�it�t _�m_�a_�x_�__�w_�a_�i_�t
! 111: Specify an upper bound on how long to wait between key
! 112: presses or output data. By default, s�su�ud�do�or�re�ep�pl�la�ay�y will
! 113: accurately reproduce the delays between key presses or
! 114: program output. However, this can be tedious when the
! 115: session includes long pauses. When the -�-m�m option is
! 116: specified, s�su�ud�do�or�re�ep�pl�la�ay�y will limit these pauses to at most
! 117: _�m_�a_�x_�__�w_�a_�i_�t seconds. The value may be specified as a floating
! 118: point number, e.g. _�2_�._�5.
! 119:
! 120: -�-s�s, -�--�-s�sp�pe�ee�ed�d _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r
! 121: This option causes s�su�ud�do�or�re�ep�pl�la�ay�y to adjust the number of seconds
! 122: it will wait between key presses or program output. This can
! 123: be used to slow down or speed up the display. For example, a
! 124: _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r of _�2 would make the output twice as fast whereas
! 125: a _�s_�p_�e_�e_�d_�__�f_�a_�c_�t_�o_�r of _�._�5 would make the output twice as slow.
1.1 misho 126:
1.1.1.5 ! misho 127: -�-V�V, -�--�-v�ve�er�rs�si�io�on�n
! 128: Print the s�su�ud�do�or�re�ep�pl�la�ay�y versions version number and exit.
1.1 misho 129:
130: D�Da�at�te�e a�an�nd�d t�ti�im�me�e f�fo�or�rm�ma�at�t
1.1.1.3 misho 131: The time and date may be specified multiple ways, common formats include:
1.1 misho 132:
1.1.1.3 misho 133: HH:MM:SS am MM/DD/CCYY timezone
134: 24 hour time may be used in place of am/pm.
1.1 misho 135:
1.1.1.3 misho 136: HH:MM:SS am Month, Day Year timezone
137: 24 hour time may be used in place of am/pm, and month and day
138: names may be abbreviated. Note that month and day of the week
139: names must be specified in English.
1.1 misho 140:
1.1.1.3 misho 141: CCYY-MM-DD HH:MM:SS
142: ISO time format
1.1 misho 143:
1.1.1.3 misho 144: DD Month CCYY HH:MM:SS
145: The month name may be abbreviated.
1.1 misho 146:
1.1.1.3 misho 147: Either time or date may be omitted, the am/pm and timezone are optional.
148: If no date is specified, the current day is assumed; if no time is
149: specified, the first second of the specified date is used. The less
150: significant parts of both time and date may also be omitted, in which
151: case zero is assumed.
1.1 misho 152:
1.1.1.3 misho 153: The following are all valid time and date specifications:
1.1 misho 154:
1.1.1.3 misho 155: now The current time and date.
1.1 misho 156:
1.1.1.3 misho 157: tomorrow
158: Exactly one day from now.
1.1 misho 159:
1.1.1.3 misho 160: yesterday
161: 24 hours ago.
1.1 misho 162:
1.1.1.3 misho 163: 2 hours ago
164: 2 hours ago.
1.1 misho 165:
1.1.1.3 misho 166: next Friday
1.1.1.5 ! misho 167: The first second of the Friday in the next (upcoming) week. Not
! 168: to be confused with ``this friday'' which would match the friday
! 169: of the current week.
! 170:
! 171: last week
! 172: The current time but 7 days ago. This is equivalent to ``a week
! 173: ago''.
1.1 misho 174:
1.1.1.3 misho 175: a fortnight ago
176: The current time but 14 days ago.
1.1 misho 177:
1.1.1.3 misho 178: 10:01 am 9/17/2009
179: 10:01 am, September 17, 2009.
1.1 misho 180:
1.1.1.3 misho 181: 10:01 am
182: 10:01 am on the current day.
1.1 misho 183:
1.1.1.3 misho 184: 10 10:00 am on the current day.
1.1 misho 185:
1.1.1.3 misho 186: 9/17/2009
187: 00:00 am, September 17, 2009.
1.1 misho 188:
1.1.1.3 misho 189: 10:01 am Sep 17, 2009
190: 10:01 am, September 17, 2009.
1.1 misho 191:
1.1.1.5 ! misho 192: Note that relative time specifications do not always work as expected.
! 193: For example, the ``next'' qualifier is intended to be used in conjunction
! 194: with a day such as ``next Monday''. When used with units of weeks,
! 195: months, years, etc the result will be one more than expected. For
! 196: example, ``next week'' will result in a time exactly two weeks from now,
! 197: which is probably not what was intended. This will be addressed in a
! 198: future version of s�su�ud�do�or�re�ep�pl�la�ay�y.
! 199:
1.1 misho 200: F�FI�IL�LE�ES�S
1.1.1.3 misho 201: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o The default I/O log directory.
1.1 misho 202:
1.1.1.3 misho 203: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�l_�o_�g
1.1 misho 204: Example session log info.
205:
1.1.1.3 misho 206: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�s_�t_�d_�i_�n
1.1 misho 207: Example session standard input log.
208:
1.1.1.3 misho 209: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�s_�t_�d_�o_�u_�t
1.1 misho 210: Example session standard output log.
211:
1.1.1.3 misho 212: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�s_�t_�d_�e_�r_�r
1.1 misho 213: Example session standard error log.
214:
1.1.1.3 misho 215: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�t_�t_�y_�i_�n
1.1 misho 216: Example session tty input file.
217:
1.1.1.3 misho 218: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�t_�t_�y_�o_�u_�t
1.1 misho 219: Example session tty output file.
220:
1.1.1.3 misho 221: _�/_�v_�a_�r_�/_�l_�o_�g_�/_�s_�u_�d_�o_�-_�i_�o_�/_�0_�0_�/_�0_�0_�/_�0_�1_�/_�t_�i_�m_�i_�n_�g
1.1 misho 222: Example session timing file.
223:
1.1.1.3 misho 224: Note that the _�s_�t_�d_�i_�n, _�s_�t_�d_�o_�u_�t and _�s_�t_�d_�e_�r_�r files will be empty unless s�su�ud�do�o
225: was used as part of a pipeline for a particular command.
1.1 misho 226:
227: E�EX�XA�AM�MP�PL�LE�ES�S
1.1.1.3 misho 228: List sessions run by user _�m_�i_�l_�l_�e_�r_�t:
1.1 misho 229:
1.1.1.3 misho 230: # sudoreplay -l user millert
1.1 misho 231:
1.1.1.3 misho 232: List sessions run by user _�b_�o_�b with a command containing the string vi:
1.1 misho 233:
1.1.1.3 misho 234: # sudoreplay -l user bob command vi
1.1 misho 235:
1.1.1.3 misho 236: List sessions run by user _�j_�e_�f_�f that match a regular expression:
1.1 misho 237:
1.1.1.3 misho 238: # sudoreplay -l user jeff command '/bin/[a-z]*sh'
1.1 misho 239:
1.1.1.3 misho 240: List sessions run by jeff or bob on the console:
1.1 misho 241:
1.1.1.3 misho 242: # sudoreplay -l ( user jeff or user bob ) tty console
1.1 misho 243:
244: S�SE�EE�E A�AL�LS�SO�O
1.1.1.3 misho 245: sudo(1m), script(1)
1.1 misho 246:
1.1.1.3 misho 247: A�AU�UT�TH�HO�OR�RS�S
248: Todd C. Miller
1.1 misho 249:
250: B�BU�UG�GS�S
1.1.1.3 misho 251: If you feel you have found a bug in s�su�ud�do�or�re�ep�pl�la�ay�y, please submit a bug
252: report at http://www.sudo.ws/sudo/bugs/
1.1 misho 253:
254: S�SU�UP�PP�PO�OR�RT�T
1.1.1.3 misho 255: Limited free support is available via the sudo-users mailing list, see
256: http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the
257: archives.
1.1 misho 258:
259: D�DI�IS�SC�CL�LA�AI�IM�ME�ER�R
1.1.1.3 misho 260: s�su�ud�do�or�re�ep�pl�la�ay�y is provided ``AS IS'' and any express or implied warranties,
261: including, but not limited to, the implied warranties of merchantability
262: and fitness for a particular purpose are disclaimed. See the LICENSE
263: file distributed with s�su�ud�do�o or http://www.sudo.ws/sudo/license.html for
264: complete details.
1.1 misho 265:
1.1.1.5 ! misho 266: Sudo 1.8.8 September 11, 2013 Sudo 1.8.8
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sudoreplay.cat CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / doc