LinuxGuruz
  • Last 5 Forum Topics
    Replies
    Views
    Last post


The Web Only This Site
  • BOOKMARK

  • ADD TO FAVORITES

  • REFERENCES


  • MARC

    Mailing list ARChives
    - Search by -
     Subjects
     Authors
     Bodies





    FOLDOC

    Computing Dictionary




  • Text Link Ads






  • LINUX man pages
  • Linux Man Page Viewer


    The following form allows you to view linux man pages.

    Command:

    sudoreplay

    
                    [-s speed_factor] ID
    
         sudoreplay [-h] [-d directory] -l [search expression]
    
    
    

    DESCRIPTION

         sudoreplay plays back or lists the output logs created by sudo.  When
         replaying, sudoreplay can play the session back in real-time, or the
         playback speed may be adjusted (faster or slower) based on the command
         line options.
    
         The ID should either be a six character sequence of digits and upper case
         letters, e.g. 0100A5, or a pattern matching the iolog_file option in the
         sudoers file.  When a command is run via sudo with log_output enabled in
         the sudoers file, a TSID=ID string is logged via syslog or to the sudo
         log file.  The ID may also be determined using sudoreplay's list mode.
    
         In list mode, sudoreplay can be used to find the ID of a session based on
         a number of criteria such as the user, tty or command run.
    
         In replay mode, if the standard output has not been redirected,
         sudoreplay will act on the following keys:
    
         ' ' (space)   Pause output; press any key to resume.
    
         '<'           Reduce the playback speed by one half.
    
         '>'           Double the playback speed.
    
         The options are as follows:
    
         -d directory  Use directory to for the session logs instead of the
                       default, /var/log/sudo-io.
    
         -f filter     By default, sudoreplay will play back the command's stan-
                       dard output, standard error and tty output.  The -f option
                       can be used to select which of these to output.  The filter
                       argument is a comma-separated list, consisting of one or
                       more of following: stdout, stderr, and ttyout.
    
         -h            The -h (help) option causes sudoreplay to print a short
                       help message to the standard output and exit.
    
         -l [search expression]
                       Enable "list mode".  In this mode, sudoreplay will list
                       available sessions in a format similar to the sudo log file
                       format, sorted by file name (or sequence number).  If a
                       search expression is specified, it will be used to restrict
                       the IDs that are displayed.  An expression is composed of
                       the following predicates:
    
                       command pattern
                               Evaluates to true if the command run matches
    
                       group runas_group
                               Evaluates to true if the command was run with the
                               specified runas_group.  Note that unless a
                               runas_group was explicitly specified when sudo was
                               run this field will be empty in the log.
    
                       runas runas_user
                               Evaluates to true if the command was run as the
                               specified runas_user.  Note that sudo runs commands
                               as user root by default.
    
                       todate date
                               Evaluates to true if the command was run on or
                               prior to date.  See Date and time format for a
                               description of supported date and time formats.
    
                       tty tty name
                               Evaluates to true if the command was run on the
                               specified terminal device.  The tty name should be
                               specified without the /dev/ prefix, e.g. tty01
                               instead of /dev/tty01.
    
                       user user name
                               Evaluates to true if the ID matches a command run
                               by user name.
    
                       Predicates may be abbreviated to the shortest unique string
                       (currently all predicates may be shortened to a single
                       character).
    
                       Predicates may be combined using and, or and ! operators as
                       well as '(' and ')' grouping (note that parentheses must
                       generally be escaped from the shell).  The and operator is
                       optional, adjacent predicates have an implied and unless
                       separated by an or.
    
         -m max_wait   Specify an upper bound on how long to wait between key
                       presses or output data.  By default, sudoreplay will accu-
                       rately reproduce the delays between key presses or program
                       output.  However, this can be tedious when the session
                       includes long pauses.  When the -m option is specified,
                       sudoreplay will limit these pauses to at most max_wait sec-
                       onds.  The value may be specified as a floating point num-
                       ber, e.g. 2.5.
    
         -s speed_factor
                       This option causes sudoreplay to adjust the number of sec-
                       onds it will wait between key presses or program output.
                       This can be used to slow down or speed up the display.  For
                       example, a speed_factor of 2 would make the output twice as
                       fast whereas a speed_factor of .5 would make the output
    
                 names must be specified in English.
    
         CCYY-MM-DD HH:MM:SS
                 ISO time format
    
         DD Month CCYY HH:MM:SS
                 The month name may be abbreviated.
    
         Either time or date may be omitted, the am/pm and timezone are optional.
         If no date is specified, the current day is assumed; if no time is speci-
         fied, the first second of the specified date is used.  The less signifi-
         cant parts of both time and date may also be omitted, in which case zero
         is assumed.
    
         The following are all valid time and date specifications:
    
         now     The current time and date.
    
         tomorrow
                 Exactly one day from now.
    
         yesterday
                 24 hours ago.
    
         2 hours ago
                 2 hours ago.
    
         next Friday
                 The first second of the next Friday.
    
         this week
                 The current time but the first day of the coming week.
    
         a fortnight ago
                 The current time but 14 days ago.
    
         10:01 am 9/17/2009
                 10:01 am, September 17, 2009.
    
         10:01 am
                 10:01 am on the current day.
    
         10      10:00 am on the current day.
    
         9/17/2009
                 00:00 am, September 17, 2009.
    
         10:01 am Sep 17, 2009
                 10:01 am, September 17, 2009.
    
    
    

    FILES

         /var/log/sudo-io          The default I/O log directory.
                                   Example session tty input file.
    
         /var/log/sudo-io/00/00/01/ttyout
                                   Example session tty output file.
    
         /var/log/sudo-io/00/00/01/timing
                                   Example session timing file.
    
         Note that the stdin, stdout and stderr files will be empty unless sudo
         was used as part of a pipeline for a particular command.
    
    
    

    EXAMPLES

         List sessions run by user millert:
    
               # sudoreplay -l user millert
    
         List sessions run by user bob with a command containing the string vi:
    
               # sudoreplay -l user bob command vi
    
         List sessions run by user jeff that match a regular expression:
    
               # sudoreplay -l user jeff command '/bin/[a-z]*sh'
    
         List sessions run by jeff or bob on the console:
    
               # sudoreplay -l ( user jeff or user bob ) tty console
    
    
    

    SEE ALSO

         sudo(8), script(1)
    
    
    

    AUTHORS

         Todd C. Miller
    
    
    

    BUGS

         If you feel you have found a bug in sudoreplay, please submit a bug
         report at http://www.sudo.ws/sudo/bugs/
    
    
    

    SUPPORT

         Limited free support is available via the sudo-users mailing list, see
         http://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search the
         archives.
    
    
    

    DISCLAIMER

         sudoreplay is provided "AS IS" and any express or implied warranties,
         including, but not limited to, the implied warranties of merchantability
         and fitness for a particular purpose are disclaimed.  See the LICENSE
         file distributed with sudo or http://www.sudo.ws/sudo/license.html for
         complete details.
    
    
    

    Sudo 1.8.6p3 July 12, 2012 Sudo 1.8.6p3

    
    
  • MORE RESOURCE


  • Linux

    The Distributions





    Linux

    The Software





    Linux

    The News



  • MARKETING






  • Toll Free

webmaster@linuxguruz.com
Copyright © 1999 - 2016 by LinuxGuruz