Find the answer to your Linux question:
Results 1 to 3 of 3
I need help creating a script that makes a log file in wich to save information about every user that uses the ftp command (information like username and date) and ...
  1. 03-26-2010 #1
    Brian_
    Brian_ is offline
    Just Joined!
    Join Date
    Mar 2010
    Posts
    1

    Need help writing a shell script that logs some actions

    I need help creating a script that makes a log file in wich to save information about every user that uses the ftp command (information like username and date) and the server to wich he is trying to connect.

    I'm new to Shell scripting and I'm not really sure how to create this script. Any sugestions would be apreciated. Thank you.
    Reply With Quote Reply With Quote
  2. 03-26-2010 #2
    Cabhan
    Cabhan is offline
    Trusted Penguin Cabhan's Avatar
    Join Date
    Jan 2005
    Location
    Seattle, WA, USA
    Posts
    3,230
    This is going to be a bit complicated. The reason for this is that you have no control over how a user invokes an ftp program.

    If you're solely concerned about the "ftp" program, you could theoretically replace it with a script that logs some information and then calls the actual ftp program. This would require that all information you wanted be passed in on the commandline though.

    A more interesting solution would be to use iptables to route all packets on port 21 to some other logging program which checked the destination and originating process (if this can be done), and uses this information to figure out the user who originated the connection.

    You could, of course, also modify the source code of the "ftp" program to include these logging facilities. Or use LD_PRELOAD to force the program to load a modified library of yours that would do the logging.

    The short answer is that there's no short and easy answer to your question. And Bash can definitely not do this in the general case. You will essentially need to modify some program somewhere in order to achieve this.
    DISTRO=Arch
    Registered Linux User #388732
    Reply With Quote Reply With Quote
  3. 03-26-2010 #3
    lomcevak
    lomcevak is offline
    Linux Newbie
    Join Date
    Mar 2009
    Posts
    228
    I've never used ftp on a Linux system so I can't say exatly how to do this but I have done this on another UNIX system (Tru64).

    In the manpage for ftpd is says:

    -l Each ftp(1) session is logged in the syslog. If this flag appears twice,
    additional information about operations performed (such as files retrieved,
    directories created, etc.) will be logged via syslog. If it appears three
    times, some other statistics such as the number of bytes transferred will be
    logged via syslog as well.
    So if you can get the ftpd to start with the -l option what you want will be in syslog. Then what you would do is parse the appropriate log file.

    I think you would have to do something with xinetd files in /etc/xinetd.d. Sorry, can't help you anymore than that.
    Last edited by lomcevak; 03-27-2010 at 12:02 AM.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

...