Ping a Specific Port

Question

LinuxPenseur

Asked: 2010-12-22 00:10:29 +0800 CST2010-12-22 00:10:29 +0800 CST 2010-12-22 00:10:29 +0800 CST

Log "date -s" command

772

I know that the date -s <STRING> command sets the time described by the string STRING.

What i want is to log the above command whenever it is used to set the time into the file /tmp/log/user.log.

In my Linux distribution the logging is done by syslog-ng. I already have some logs going into /tmp/log/user.log.

This is the content of /etc/syslog-ng/syslog-ng.conf in my system for logging into /tmp/log/user.log

destination d_notice  { file("/tmp/log/user.log");};

filter f_filter10   { level(notice) and not facility(mail,authpriv,cron); };

log { source(s_sys); filter(f_filter10); destination(d_notice); };

What should i do so that date -s command is also logged into /tmp/log/user.log

1 Answers

Voted

Mikel · Answer 1 · 2010-12-22T01:39:46+08:00

Mikel

2010-12-22T01:39:46+08:002010-12-22T01:39:46+08:00

Date changes are not logged by default, at least not on Debian.

The simplest option would be to replace /bin/date with a wrapper that prints a log message using logger then calls the real /bin/date executable, e.g.

mv /bin/date /bin/date.real
cat << 'EOF' >/bin/date
#!/bin/bash
logger -p user.notice "date run by $UID: $*"
/bin/date.real
EOF
chmod +x /bin/date

Other than that, I know that grsecurity allows you to log any changes to the system time. It would require compiling a custom kernel.

1

Log "date -s" command

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?