mansurali901 · May 20, 2019 09:32
diff --git a/setup_rootssh.sh b/setup_rootssh.sh
 #!/bin/bash
 # This script is designed to install 
 # the SSH terminal logging 
 # currently this script is only work on 
 # CentOS & Ubuntu 
 # Author : Mansur Ul Hasan
 # EMail  : [email protected]
 # Skype  : genious840
 # Facebook : https://www.facebook.com/itmarkaz
 # YouTube : https://www.youtube.com/user/mansur7820
 APPPATH='/usr/local/rootsh'
 LOGPATH="$APPPATH/logs"

    LogShipping () {
        # This function only used when you have other backup locations
        # to store your backup files in order to enable this function 
         
        read -p "Enter your Backup Server's IP : " bsrv
        read -p "Enter the Username for backup : " usrn
        read -p "Enter the location for backup : " bkpl
           cd $LOGPATH 
           gzip $APPPATH/logs/*
           rsync -avr $APPPATH/logs/*.gz $usrn@$bsrv:$bkpl/
          }

 SyncDelete () {
        # This function sync data to remote server and then delete all compressed files.
        LogShipping
        rm -rvf $APPPATH/logs/*.gz
 }

 Install_rootSH () {
    # This function aquire and install the all dependencies 
    # for the package need to install if you have some other 
    # distro then "DEB & RPM" then you can just change in this 
    # section make the script workable for other distros as well

    echo "Downloading Source ...."
    wget -O rootsh-1.5.2.tar.gz https://www.dropbox.com/s/07bnjifrqldmyhk/rootsh-1.5.2.tar.gz?dl=0
    tar -xzvf rootsh-1.5.2.tar.gz
    cd rootsh-1.5.2
    ./configure --disable-syslog --disable-linenumbering --with-logdir=$APPPATH/logs
    make 
    make install
    echo `whereis rootsh` |awk '{print $2}' >> /etc/profile
    
    # Setting up Crontab for recycling of old logs. 
    # In this module we only compress the old logs if 
    # you really thing space contrains you can use our ship functions as well 
    crontab -l | { cat; echo "00 12 * * * root find /usr/local/rootsh/logs -iname *.closed -type f -mmin +6 -print -exec sudo gzip {} \;"; } | crontab -
    cat /etc/crontab  >> crontab 
    echo '* * * * * root find /usr/local/rootsh/logs -iname *.closed -type f -mmin +6 -print -exec sudo gzip {} \;' >> crontab 
    sudo su - 
    mv /home/administrator/crontab /etc/ 
    chmod 644 /etc/crontab  
 } 

 UserManageAdd () {
    # This part of function allow users to add into the group of 
    # logger all active users till the tools is installed will be
    # included for logging if you add users after the installation 
    # of the tool then don't forget to work add users to "rootsh"
    for newuser in `cat /etc/passwd |grep 'bash\|rbash' |cut -d ':' -f1 |grep -v root`
            do
                gruser=`cat group |grep rootsh`
                existance=`echo $gruser |grep $newuser |wc -l`
                    if [ $existance -eq '0' ];
                    then
                        echo "$newuser is not already added...!! "
                        sed -i "s/$gruser/$gruser,$newuser/g" group
                    else
                        echo "User is already exist ...."
                    fi
            done
 } 

 UserManagedel () {

        # This section allows a sys admin to remove user from logging in just calling this 
        # function if you are using this script then you just need to call this script with 
        # sh setup_rootssh.sh --deluser
        # above command will prompt for the username need to delete..
        
        read -p "Enter the name of user to remove from logging : " delitem
        checkuser=`cat group |grep rootsh |grep $delitem |wc -l`

        if [ $checkuser -ge '1' ];
        then
             echo "$delitem is currently listed for logging"
             echo "going to delete the requested user...."
             cat group |grep rootsh |sed -i "s/$delitem\,//g" group
             echo "User has been successfully deleted...."
             echo "List of current users enabled to logging"
             cat group |grep rootsh |cut -d ':' -f4
        else
             echo "User is not present in the loggers group ...."
        fi
 }

 RpmPre () {
    # RpmPre function supports only distros which uses 
    # yum as package manager other then yum package manager
    # this section will not work if you want this section to 
    # work for other distro i would suggest it to change this 
    # section according to your distros
    
    yum update -y 
    yum install gcc make unzip zip curl wget -y 
    addgroup rootsh

    # This section is also important this section creates directory 
    # structure for logging on the same server if you have any 
    # central location for backup this need to define here 
    # in order to change the log path you need to mount the location 
    # and add your path as
    # ie : mkdir -p yourcentrallogpath
    
    mkdir -p $APPPATH/logs/
    chmod 775 $APPPATH/logs/ -R 
    chown -R root:rootsh $APPPATH
    Install_rootSH
 }


 DebPre () {
    apt-get update -y 
    apt-get install gcc make unzip zip curl wget -y 
    addgroup rootsh
    
    # This section is also important this section creates directory 
    # structure for logging on the same server if you have any 
    # central location for backup this need to define here 
    # in order to change the log path you need to mount the location 
    # and add your path as
    # ie : mkdir -p yourcentrallogpath
    
    mkdir -p /usr/local/rootsh/logs/
    chmod 775 /usr/local/rootsh/logs/ -R 
    chown -R root:rootsh /usr/local/rootsh
    Install_rootSH
 }

 DetectOS () {
 # This approved script is enable tool to run only on system where already
 # been well tested so possibilities of bang will reduce.

 echo "
 ALERT !!!!!!!!!
 This function will modify users groups system level permissions
 and perform some administrative task to enable logging in your 
 system if you are not Sys Admin press ctrl and C to quit from script 
 "
    read -n 1 -s -r -p "Press any key to continue .... "

 DetOS=`ls -lh /usr/bin |grep 'apt-get\|yum' |wc -l`
  if [ $DetOS -ge "1" ];
  
  then	
    ver=`ls -lh /usr/bin |grep 'apt-get\|yum'`
    case $ver in
    *"yum"*)
        echo "Linux Operating Architecture is RPM"
        RpmPre
    ;;
    *"apt-get"*)
        echo "Linux Operating Architecture is DEB"
        DebPre
    ;;
    *)
        echo "Unable to find supported platforms "
    ;;
    esac
  else
      echo "Sorry the script is not designed for your architecture"
  fi
  }
  
  systemInstall () {
        DetectOS
   }
        
  case $1 in 
  "--install")
        systemInstall
  ;;
  "--logship")
        LogShipping
  ;;
  --useradd)
        UserManageAdd
  ;;
  --userdel)
        UserManagedel
  ;;
  --help)
  echo "
  =========================================
        Help Section for SSH logger
  =========================================
 Note : If you are here that means you typed wrong arguments.
 Here are some of useable arguments for this script.
 --install          This argument will setup ROOTSSH tool in your Machine.
 --logship          This will enable logs shipping to remote location.
 --useradd          This will add users for logging.
 --userdel          This will allow admin to delete user
 ;;
 *)
    echo "You may have supply wrong argument to script
          please use --help to get help."
          
 ;;
 esac
	#!/bin/bash
	# This script is designed to install
	# the SSH terminal logging
	# currently this script is only work on
	# CentOS & Ubuntu
	# Author : Mansur Ul Hasan
	# EMail : [email protected]
	# Skype : genious840
	# Facebook : https://www.facebook.com/itmarkaz
	# YouTube : https://www.youtube.com/user/mansur7820
	APPPATH='/usr/local/rootsh'
	LOGPATH="$APPPATH/logs"

	LogShipping () {
	# This function only used when you have other backup locations
	# to store your backup files in order to enable this function

	read -p "Enter your Backup Server's IP : " bsrv
	read -p "Enter the Username for backup : " usrn
	read -p "Enter the location for backup : " bkpl
	cd $LOGPATH
	gzip $APPPATH/logs/*
	rsync -avr $APPPATH/logs/*.gz $usrn@$bsrv:$bkpl/
	}

	SyncDelete () {
	# This function sync data to remote server and then delete all compressed files.
	LogShipping
	rm -rvf $APPPATH/logs/*.gz
	}

	Install_rootSH () {
	# This function aquire and install the all dependencies
	# for the package need to install if you have some other
	# distro then "DEB & RPM" then you can just change in this
	# section make the script workable for other distros as well

	echo "Downloading Source ...."
	wget -O rootsh-1.5.2.tar.gz https://www.dropbox.com/s/07bnjifrqldmyhk/rootsh-1.5.2.tar.gz?dl=0
	tar -xzvf rootsh-1.5.2.tar.gz
	cd rootsh-1.5.2
	./configure --disable-syslog --disable-linenumbering --with-logdir=$APPPATH/logs
	make
	make install
	echo `whereis rootsh` \|awk '{print $2}' >> /etc/profile

	# Setting up Crontab for recycling of old logs.
	# In this module we only compress the old logs if
	# you really thing space contrains you can use our ship functions as well
	crontab -l \| { cat; echo "00 12 * * * root find /usr/local/rootsh/logs -iname *.closed -type f -mmin +6 -print -exec sudo gzip {} \;"; } \| crontab -
	cat /etc/crontab >> crontab
	echo '* * * * * root find /usr/local/rootsh/logs -iname *.closed -type f -mmin +6 -print -exec sudo gzip {} \;' >> crontab
	sudo su -
	mv /home/administrator/crontab /etc/
	chmod 644 /etc/crontab
	}

	UserManageAdd () {
	# This part of function allow users to add into the group of
	# logger all active users till the tools is installed will be
	# included for logging if you add users after the installation
	# of the tool then don't forget to work add users to "rootsh"
	for newuser in `cat /etc/passwd \|grep 'bash\\|rbash' \|cut -d ':' -f1 \|grep -v root`
	do
	gruser=`cat group \|grep rootsh`
	existance=`echo $gruser \|grep $newuser \|wc -l`
	if [ $existance -eq '0' ];
	then
	echo "$newuser is not already added...!! "
	sed -i "s/$gruser/$gruser,$newuser/g" group
	else
	echo "User is already exist ...."
	fi
	done
	}

	UserManagedel () {

	# This section allows a sys admin to remove user from logging in just calling this
	# function if you are using this script then you just need to call this script with
	# sh setup_rootssh.sh --deluser
	# above command will prompt for the username need to delete..

	read -p "Enter the name of user to remove from logging : " delitem
	checkuser=`cat group \|grep rootsh \|grep $delitem \|wc -l`

	if [ $checkuser -ge '1' ];
	then
	echo "$delitem is currently listed for logging"
	echo "going to delete the requested user...."
	cat group \|grep rootsh \|sed -i "s/$delitem\,//g" group
	echo "User has been successfully deleted...."
	echo "List of current users enabled to logging"
	cat group \|grep rootsh \|cut -d ':' -f4
	else
	echo "User is not present in the loggers group ...."
	fi
	}

	RpmPre () {
	# RpmPre function supports only distros which uses
	# yum as package manager other then yum package manager
	# this section will not work if you want this section to
	# work for other distro i would suggest it to change this
	# section according to your distros

	yum update -y
	yum install gcc make unzip zip curl wget -y
	addgroup rootsh

	# This section is also important this section creates directory
	# structure for logging on the same server if you have any
	# central location for backup this need to define here
	# in order to change the log path you need to mount the location
	# and add your path as
	# ie : mkdir -p yourcentrallogpath

	mkdir -p $APPPATH/logs/
	chmod 775 $APPPATH/logs/ -R
	chown -R root:rootsh $APPPATH
	Install_rootSH
	}


	DebPre () {
	apt-get update -y
	apt-get install gcc make unzip zip curl wget -y
	addgroup rootsh

	# This section is also important this section creates directory
	# structure for logging on the same server if you have any
	# central location for backup this need to define here
	# in order to change the log path you need to mount the location
	# and add your path as
	# ie : mkdir -p yourcentrallogpath

	mkdir -p /usr/local/rootsh/logs/
	chmod 775 /usr/local/rootsh/logs/ -R
	chown -R root:rootsh /usr/local/rootsh
	Install_rootSH
	}

	DetectOS () {
	# This approved script is enable tool to run only on system where already
	# been well tested so possibilities of bang will reduce.

	echo "
	ALERT !!!!!!!!!
	This function will modify users groups system level permissions
	and perform some administrative task to enable logging in your
	system if you are not Sys Admin press ctrl and C to quit from script
	"
	read -n 1 -s -r -p "Press any key to continue .... "

	DetOS=`ls -lh /usr/bin \|grep 'apt-get\\|yum' \|wc -l`
	if [ $DetOS -ge "1" ];

	then
	ver=`ls -lh /usr/bin \|grep 'apt-get\\|yum'`
	case $ver in
	"yum")
	echo "Linux Operating Architecture is RPM"
	RpmPre
	;;
	"apt-get")
	echo "Linux Operating Architecture is DEB"
	DebPre
	;;
	*)
	echo "Unable to find supported platforms "
	;;
	esac
	else
	echo "Sorry the script is not designed for your architecture"
	fi
	}

	systemInstall () {
	DetectOS
	}

	case $1 in
	"--install")
	systemInstall
	;;
	"--logship")
	LogShipping
	;;
	--useradd)
	UserManageAdd
	;;
	--userdel)
	UserManagedel
	;;
	--help)
	echo "
	=========================================
	Help Section for SSH logger
	=========================================
	Note : If you are here that means you typed wrong arguments.
	Here are some of useable arguments for this script.
	--install This argument will setup ROOTSSH tool in your Machine.
	--logship This will enable logs shipping to remote location.
	--useradd This will add users for logging.
	--userdel This will allow admin to delete user
	;;
	*)
	echo "You may have supply wrong argument to script
	please use --help to get help."

	;;
	esac