-
Notifications
You must be signed in to change notification settings - Fork 5
/
audit.go
48 lines (42 loc) · 954 Bytes
/
audit.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
package k8ssshpod
import (
"bufio"
"errors"
"io"
"log"
"github.com/gliderlabs/ssh"
)
// audit log from ssh session input command
func auditLog(s ssh.Session, isAudit bool) (io.Reader, func()) {
if isAudit {
// split ssh session for kubernetes api exec
podReader, podWriter := io.Pipe()
// split ssh session for audit logging
auditReader, auditWriter := io.Pipe()
go func() {
io.Copy(io.MultiWriter(podWriter, auditWriter), s)
}()
go func() {
// record audit log
br := bufio.NewReader(auditReader)
for {
line, err := br.ReadString('\r')
if err != nil {
if errors.Is(err, io.EOF) || errors.Is(err, io.ErrClosedPipe) {
return
} else {
panic(err)
}
}
log.Printf("audit log: username: %s command: %s", s.User(), string(line))
}
}()
return podReader, func() {
podReader.Close()
podWriter.Close()
auditReader.Close()
auditWriter.Close()
}
}
return s, nil
}