[645] | 1 | #!/usr/bin/perl |
---|
| 2 | |
---|
| 3 | use strict; |
---|
| 4 | use warnings; |
---|
| 5 | use Sys::Hostname; |
---|
[666] | 6 | use Time::HiRes qw(ualarm); |
---|
[645] | 7 | |
---|
# Zephyr class that receives a notice when the caller names no other class.
our $ZCLASS = 'scripts-auto';

# Accounts whose login-related log lines are reported to $ZCLASS.
our @USERS = qw(root logview);

# Lookup set built from @USERS.  Only key existence is tested, so every
# value is left undef.
our %USERS = map { $_ => undef } @USERS;
| 13 | |
---|
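# Send $message as a zephyr notice by piping it to /usr/bin/zwrite.
#
#   $message  - text written to zwrite's standard input
#   $class    - zephyr class; defaults to $ZCLASS
#   $instance - zephyr instance; defaults to "root.<hostname>"
#
# Dies if zwrite cannot be started.  A failed delivery only warns, so a
# zwrite or zephyr fault does not stop the log watcher, but it is no longer
# silent: a dropped alert is visible on STDERR.
# Returns the result of close() on the pipe.
sub zwrite($;$$) {
    my ($message, $class, $instance) = @_;
    my $host = hostname;
    $class    ||= $ZCLASS;
    $instance ||= 'root.' . $host;

    # List-form pipe open: zwrite is exec'd directly, so no argument is ever
    # interpreted by a shell.
    # NOTE(review): per zwrite(1), -d sends the notice unauthenticated, so
    # subscribers cannot distinguish these alerts from notices forged by
    # another sender -- confirm this is intended.
    open(
        my $zwrite_fh, '|-',
        qw|/usr/bin/zwrite -d -O log -c|, $class,
        '-i', $instance,
        '-s', $host
    ) or die "Couldn't open zwrite: $!";

    print {$zwrite_fh} $message;

    # close() on a pipe waits for the child; it fails when the write could
    # not be flushed or when zwrite exited non-zero.
    my $closed = close($zwrite_fh);
    unless ($closed) {
        warn $!
            ? "Error closing pipe to zwrite: $!\n"
            : "zwrite exited with wait status $?\n";
    }
    return $closed;
}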
| 22 | |
---|
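# Text queued for the current batch, keyed by zephyr class.  Declared at
# file scope because the named sub sendmsg() closes over it.
my %toclass;

# Queue $message for delivery to $class (default: $ZCLASS).
sub sendmsg ($;$) {
    my ($message, $class) = @_;
    $class ||= $ZCLASS;
    $toclass{$class} .= $message."\n";
}

# Lines that are dropped without being reported.  Every pattern is anchored
# to the start of the message, i.e. to text the remote peer does not choose.
my @IGNORED = (
    qr|^Connection closed|,
    qr|^Invalid user|,
    qr|^input_userauth_request: invalid user|,
    qr|^Received disconnect from|,
    qr|^fatal: Read from socket failed: Connection reset by peer$|,
);

while (1) {
    # Block until the next log line arrives.  Stop at end of input instead
    # of looping on undef and sending empty notices to scripts-spew.
    my $first = <>;
    last unless defined $first;
    my @message = ($first);

    # Collect whatever else arrives within 500 ms, so that a burst of lines
    # becomes one notice per class.
    eval {
        local $SIG{ALRM} = sub { die "alarm\n" }; # NB: \n required
        ualarm(500*1000);
        while (<>) { push @message, $_; }
        ualarm(0);    # input ended first: cancel while the handler is set
    };
    # Never leave a timer pending once the handler has been restored; the
    # default SIGALRM action would kill the process.
    ualarm(0);
    die $@ if $@ && $@ ne "alarm\n";    # propagate anything but the timeout

    chomp @message;
    # Strip everything up to and including the first ": " on each line.
    s/^.*?: // for @message;

    %toclass = ();
    MESSAGE: foreach my $message (@message) {
        # Known noise is discarded before the content patterns run.  The
        # reporting patterns below are unanchored, and lines such as
        # "Invalid user ..." carry a remotely supplied user name, so testing
        # the anchored prefixes first keeps such a line from being reported
        # as a login.
        next MESSAGE if grep { $message =~ $_ } @IGNORED;

        # NOTE(review): these patterns match anywhere in the line.  A line
        # that reaches them and embeds remotely supplied text can still be
        # classified as a login for a watched account; consider anchoring
        # them to the exact log formats in use.
        if ($message =~ m|Accepted (\S+) for (\S+)|) {
            sendmsg($message) if exists $USERS{$2};
        } elsif ($message =~ m|Authorized to (\S+),|) {
            sendmsg($message) if exists $USERS{$1};
        } elsif ($message =~ m|Root (\S+) shell|) {
            sendmsg($message);
        } elsif ($message =~ m|session \S+ for user (\S+)|) {
            sendmsg($message) if exists $USERS{$1};
        } else {
            # Anything unrecognised goes to the noisy class.
            sendmsg($message, "scripts-spew");
        }
    }

    # One notice per class for this batch.
    foreach my $class (keys %toclass) {
        zwrite($toclass{$class}, $class);
    }
}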