diff options
| author | Mattias Andrée <maandree@operamail.com> | 2014-10-29 16:53:11 +0100 |
|---|---|---|
| committer | Mattias Andrée <maandree@operamail.com> | 2014-10-29 16:53:11 +0100 |
| commit | 0715f14fe63fe8a764d4da27dc2a499a3faa3323 (patch) | |
| tree | 159668e8262f7d3b0e44e9a81f3675bcd624f017 | |
| parent | parse command line (diff) | |
| download | cerberus-logging-0715f14fe63fe8a764d4da27dc2a499a3faa3323.tar.gz cerberus-logging-0715f14fe63fe8a764d4da27dc2a499a3faa3323.tar.bz2 cerberus-logging-0715f14fe63fe8a764d4da27dc2a499a3faa3323.tar.xz | |
call logging programs
Signed-off-by: Mattias Andrée <maandree@operamail.com>
| -rwxr-xr-x | src/logging | 56 |
1 files changed, 53 insertions, 3 deletions
diff --git a/src/logging b/src/logging index 5af2840..9ad9804 100755 --- a/src/logging +++ b/src/logging @@ -18,11 +18,16 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. +# Login username, client hostname if non-local, ttyname and cerberus-hook username= hostname= +ttyname="$(tty | cut -d / -f 1,2 --complement)" hook="${1}" +# Remove the hookname from $@ shift 1 +# Parse the command line, excluding the hookname +# This is the arguments cerberus was spawned with hostname_on_next=0 dash=0 for arg in "$@"; do @@ -33,19 +38,19 @@ for arg in "$@"; do while [ ! "${arg}" = "" ]; do c="${arg::1}" arg="${arg:1}" - if [ "${c}" = "h" ]; then + if [ "${c}" = "h" ]; then # hostname if [ ! "${arg}" = "" ]; then hostname="${arg}" else hostname_on_next=1 fi break - elif [ "${c}" = "f" ]; then + elif [ "${c}" = "f" ]; then # force if [ ! "${arg}" = "" ]; then username="${arg}" fi break - elif [ "${c}" = "-" ]; then + elif [ "${c}" = "-" ]; then # username dash=1 break fi @@ -58,3 +63,48 @@ for arg in "$@"; do fi done +# Execute a program only if it exists +try () +{ + if hash "${1}" 2>/dev/null then + "$@" + fi +} +# Call logging programs (those that exists) for a successful login action +log-login () +{ + try log-login-utmp "$@" + try log-login-audit "$@" + try log-login-lastlog "$@" + try log-login-syslog "$@" +} +# Call logging programs (those that exists) for a logout action +log-logout () +{ + try log-login-syslog "$@" +} +# Call logging programs (those that exists) for a failed login action +log-denied () +{ + try log-login-btmp "$@" + try log-login-audit "$@" +} + +# Figure out the actionname +action="${hook}" +if [ "${hook}" = denied ]; then + action=fail +fi + +# Preprend options to values +action=--action="${action}" +username=--username="${username}" +ttyname=--ttyname="${ttyname}" + +# Call the logging programs +if [ "${hostname}" = "" ]; then + "log-${hook}" "${action}" "${username}" "${ttyname}" +else + "log-${hook}" "${action}" "${username}" "${ttyname}" --hostname="${hostname}" +fi + |