summaryrefslogtreecommitdiffstats
path: root/bin/container-shell
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@open-infrastructure.net>2017-06-29 06:20:51 +0000
committerDaniel Baumann <daniel.baumann@open-infrastructure.net>2017-06-29 06:24:49 +0000
commit2eb164df5a00c812c601cb7e8efc8906f8dd02f5 (patch)
treef56cf5123db64de2449ed318c4a63631d6fa5856 /bin/container-shell
parentDocumenting usage of container-shell command restrictions in its manpage. (diff)
downloadcompute-tools-tmp-shell-log.tar.xz
compute-tools-tmp-shell-log.zip
Adding logging.tmp-shell-log
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
Diffstat (limited to '')
-rwxr-xr-xbin/container-shell37
1 files changed, 37 insertions, 0 deletions
diff --git a/bin/container-shell b/bin/container-shell
index 38a9ab9..742e18d 100755
--- a/bin/container-shell
+++ b/bin/container-shell
@@ -25,12 +25,45 @@ COMMAND="$(basename ${0})"
LC_ALL="C.UTF-8"
+if [ -n "${SSH_CONNECTION}" ]
+then
+ # ip address
+ CONTAINER_SHELL_USER="$(echo ${SSH_CONNECTION} | awk '{ print $1 }')"
+else
+ # username
+ CONTAINER_SHELL_USER="${SUDO_USER:-${USER}}"
+fi
+
Usage ()
{
echo "Usage: ${PROGRAM}-shell" >&2
exit 1
}
+Log ()
+{
+ DATE="$(date +%Y-%m-%d\ %H:%M:%S)"
+ HOST="$(hostname -f)"
+ MESSAGE="${@}"
+
+ # logfile
+ echo "${DATE} ${HOST} ${CONTAINER_SHELL_USER} ${MESSAGE}" >> "/var/log/${SOFTWARE}/${PROGRAM}.log"
+
+ # irc
+ if [ -e /usr/bin/irk ] && [ -e "/etc/default/${SOFTWARE}" ]
+ then
+ . /etc/default/${SOFTWARE}
+
+ if [ -n "${IRK_TARGETS}" ]
+ then
+ for TARGET in ${IRK_TARGETS}
+ do
+ irk ${TARGET} "\x0300${USER}\x03@\x0312${HOST}:\x03 \x0303${PROGRAM}\x03 \x0307${COMMAND}\x03 ${OPTIONS}"
+ done
+ fi
+ fi
+}
+
Shell ()
{
COMMAND="${1}"
@@ -105,6 +138,8 @@ Shell ()
;;
*)
+ Log "'${COMMAND}' command not allowed"
+
echo "'${COMMAND}': command not allowed for current user" >&2
return
;;
@@ -126,6 +161,8 @@ Shell ()
case "${COMMAND_DISALLOWED}" in
true)
+ Log "'${COMMAND}' command not allowed"
+
echo "'${COMMAND}': command not allowed for current user" >&2
return
;;