From bab8f1771b860e26d963162d046383f353ce7d4e Mon Sep 17 00:00:00 2001
From: Axel Burri <axel@tty0.ch>
Date: Wed, 8 Jul 2015 18:05:39 +0200
Subject: [PATCH] ssh_filter_btrbk: no fail if either $LOGNAME or $SSH_CLIENT
 are not set; added log_cmd() function; use relative path for "logger"
 command; cosmetics

---
 ssh_filter_btrbk.sh | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/ssh_filter_btrbk.sh b/ssh_filter_btrbk.sh
index 9e5746d..cb89f16 100755
--- a/ssh_filter_btrbk.sh
+++ b/ssh_filter_btrbk.sh
@@ -10,20 +10,23 @@ if [ "$#" -ge 1 ] && [ "$1" = "-l" ]; then
     enable_log=1
 fi
 
-reject_and_die()
+log_cmd()
 {
     if [ -n "$enable_log" ]; then
-        /usr/bin/logger -p auth.err -t ssh_filter_btrbk.sh "$LOGNAME $SSH_CLIENT REJECT: $SSH_ORIGINAL_COMMAND"
+        logger -p $1 -t ssh_filter_btrbk.sh "$2 (Name: ${LOGNAME:-<unknown>}; Remote: ${SSH_CLIENT:-<unknown>}): $SSH_ORIGINAL_COMMAND"
     fi
-    /bin/echo "ERROR: ssh command rejected" 1>&2;
-    exit 1;
+}
+
+reject_and_die()
+{
+    log_cmd "auth.err" "btrbk REJECT"
+    /bin/echo "ERROR: ssh command rejected" 1>&2
+    exit 1
 }
 
 run_cmd()
 {
-    if [ -n "$enable_log" ]; then
-        /usr/bin/logger -p auth.info -t ssh_filter_btrbk.sh "$LOGNAME $SSH_CLIENT ALLOW: $SSH_ORIGINAL_COMMAND"
-    fi
+    log_cmd "auth.info" "btrbk ACCEPT"
     $SSH_ORIGINAL_COMMAND
 }