sudoreplay - replay sudo session logs
S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
- s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by [-\b-d\bd _\bd_\bi_\br_\be_\bc_\bt_\bo_\br_\by] [-\b-f\bf _\bf_\bi_\bl_\bt_\be_\br] [-\b-m\bm _\bm_\ba_\bx_\b__\bw_\ba_\bi_\bt] [-\b-s\bs _\bs_\bp_\be_\be_\bd_\b__\bf_\ba_\bc_\bt_\bo_\br]
- ID
+ s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by [-\b-h\bh] [-\b-d\bd _\bd_\bi_\br_\be_\bc_\bt_\bo_\br_\by] [-\b-f\bf _\bf_\bi_\bl_\bt_\be_\br] [-\b-m\bm _\bm_\ba_\bx_\b__\bw_\ba_\bi_\bt] [-\b-s\bs
+ _\bs_\bp_\be_\be_\bd_\b__\bf_\ba_\bc_\bt_\bo_\br] ID
- s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by [-\b-d\bd _\bd_\bi_\br_\be_\bc_\bt_\bo_\br_\by] -l [search expression]
+ s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by [-\b-h\bh] [-\b-d\bd _\bd_\bi_\br_\be_\bc_\bt_\bo_\br_\by] -l [search expression]
D\bDE\bES\bSC\bCR\bRI\bIP\bPT\bTI\bIO\bON\bN
s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by plays back or lists the session logs created by s\bsu\bud\bdo\bo. When
_\bf_\bi_\bl_\bt_\be_\br argument is a comma-separated list, consisting of
one or more of following: _\bs_\bt_\bd_\bo_\bu_\bt, _\bs_\bt_\bd_\be_\br_\br, and _\bt_\bt_\by_\bo_\bu_\bt.
- -l Enable "list mode". In this mode, s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by will list
+ -h The -\b-h\bh (_\bh_\be_\bl_\bp) option causes s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by to print a short
+ help message to the standard output and exit.
+
+ -l [_\bs_\be_\ba_\br_\bc_\bh _\be_\bx_\bp_\br_\be_\bs_\bs_\bi_\bo_\bn]
+ Enable "list mode". In this mode, s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by will list
available session IDs. If a _\bs_\be_\ba_\br_\bc_\bh _\be_\bx_\bp_\br_\be_\bs_\bs_\bi_\bo_\bn is
specified, it will be used to restrict the IDs that are
displayed. An expression is composed of the following
predicates:
- command _\bc_\bo_\bm_\bm_\ba_\bn_\bd _\bp_\ba_\bt_\bt_\be_\br_\bn
- Evaluates to true if the command run matches
- _\bc_\bo_\bm_\bm_\ba_\bn_\bd _\bp_\ba_\bt_\bt_\be_\br_\bn. On systems with POSIX regular
- expression support, the pattern may be an extended
- regular expression. On systems without POSIX
-1.7.4 July 12, 2010 1
+
+1.7.6 April 9, 2011 1
SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
+ command _\bc_\bo_\bm_\bm_\ba_\bn_\bd _\bp_\ba_\bt_\bt_\be_\br_\bn
+ Evaluates to true if the command run matches
+ _\bc_\bo_\bm_\bm_\ba_\bn_\bd _\bp_\ba_\bt_\bt_\be_\br_\bn. On systems with POSIX regular
+ expression support, the pattern may be an extended
+ regular expression. On systems without POSIX
regular expression support, a simple substring
match is performed instead.
-m _\bm_\ba_\bx_\b__\bw_\ba_\bi_\bt Specify an upper bound on how long to wait between key
presses or output data. By default, s\bsu\bud\bdo\bo_\b_r\bre\bep\bpl\bla\bay\by will
- accurately reproduce the delays between key presses or
- program output. However, this can be tedious when the
- session includes long pauses. When the _\b-_\bm option is
- specified, s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by will limit these pauses to at most
- _\bm_\ba_\bx_\b__\bw_\ba_\bi_\bt seconds. The value may be specified as a floating
-1.7.4 July 12, 2010 2
+1.7.6 April 9, 2011 2
SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
+ accurately reproduce the delays between key presses or
+ program output. However, this can be tedious when the
+ session includes long pauses. When the _\b-_\bm option is
+ specified, s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by will limit these pauses to at most
+ _\bm_\ba_\bx_\b__\bw_\ba_\bi_\bt seconds. The value may be specified as a floating
point number, .e.g. _\b2_\b._\b5.
-s _\bs_\bp_\be_\be_\bd_\b__\bf_\ba_\bc_\bt_\bo_\br
2 hours ago
2 hours ago.
- next Friday
- The first second of the next Friday.
-
-
-
-1.7.4 July 12, 2010 3
+1.7.6 April 9, 2011 3
SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
+ next Friday
+ The first second of the next Friday.
+
this week
The current time but the first day of the coming week.
sudoreplay -l user millert
- List sessions run by user _\bb_\bo_\bb with a command containing the string vi:
-
-
-1.7.4 July 12, 2010 4
+1.7.6 April 9, 2011 4
SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m)
+ List sessions run by user _\bb_\bo_\bb with a command containing the string vi:
+
sudoreplay -l user bob command vi
List sessions run by user _\bj_\be_\bf_\bf that match a regular expression:
-
-
-1.7.4 July 12, 2010 5
+1.7.6 April 9, 2011 5
projects / debian / sudo / blobdiff