Re: rm logging

To: 'Debian User List' <debian-user@lists.debian.org>
Subject: Re: rm logging
From: Colin Watson <cjwatson@debian.org>
Date: Fri, 30 Nov 2001 09:07:38 -0600
Message-id: <[🔎] 20011130090738.A31501@debian.org>
Mail-followup-to: Colin Watson <cjwatson@debian.org>, 'Debian User List' <debian-user@lists.debian.org>
In-reply-to: <[🔎] A1611D15EB74D3119F9C0008C7E62D50126A3B4C@cplz33.mobile.belgacom.be>; from Kim.DE.SMAELE@PROXIMUS.NET on Fri, Nov 30, 2001 at 03:13:05PM +0100
References: <[🔎] A1611D15EB74D3119F9C0008C7E62D50126A3B4C@cplz33.mobile.belgacom.be>

On Fri, Nov 30, 2001 at 03:13:05PM +0100, DE SMAELE Kim (BMB) wrote:
> I am trying to setup an remove logging on a few of our sun E10K development
> servers.
> Is there any one of you who has an idea howto log every rm command  ( not in
> the syslog or with the sysdaemon if possible ).

You will have to recompile rm. You'll also almost certainly have to use
the syslog, because anything else would require either having a
world-writeable log file (rather pointless for this task) or a new
setuid/setgid program (bad idea).

I can't help thinking you're trying to solve the wrong problem. What
happens if somebody uses the unlink() system call, or if somebody just
truncates a file to zero length? You can't log everything unless you
want to hack the kernel and have a great deal of time to analyse log
files.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

References:
- rm logging
  - From: "DE SMAELE Kim \(BMB\)" <Kim.DE.SMAELE@PROXIMUS.NET>

Prev by Date: badiane: How do I recompile a package
Next by Date: Re: badiane: How do I recompile a package
Previous by thread: rm logging
Next by thread: Re: rm logging
Index(es):
- Date
- Thread