sudosh
From Wikipedia, the free encyclopedia
sudosh
is a filter and can be used as a login shell. sudosh takes advantage of pty devices in order to sit between the user's keyboard and a program, in this case a shell.
sudosh was designed specifically to be used in conjunction with sudo or by itself as a login shell. sudosh allows the execution of a root or user shell with logging. Every command the user types within the root shell is logged as well as the output.
This is different from "sudo -s"
or "sudo /bin/sh"
because when you use one of these or a similar method instead of sudosh to start a new shell then this new shell does not log commands typed in the new shell to syslog, only the fact that a new shell started is logged.
If this newly started shell supports commandline history then you can still find the commands called in the shell in a file such as .sh_history
but if you use a shell such as csh that does not support command-line logging you are out of luck.
sudosh fills this gap. No matter what shell you use, all of the command lines are logged to syslog (including vi keystrokes.)