sudosh is a filter and can be used as a login shell. sudosh takes
advantage of pty devices in order to sit between the user's keyboard
and a program, in this case a shell.
sudosh was designed specifically to be used in conjunction with sudo
or by itself as a login shell.. sudosh allows the execution of a
root shell with logging. Every command the user types within the root
shell is logged as well as the output.
How is this different than "sudo -s" or "sudo /bin/sh" ?
Using "sudo -s" or other methods doesn't log commands typed to syslog.
Generally the commands are logged to a file such as .sh_history and if
you use a shell such as csh that doesn't support command-line logging
you're out of luck.
sudosh fills this gap. No matter what shell you use, all of the command
lines are logged to syslog (including vi keystrokes.)
See README in /usr/doc/sudosh2-<version> for configuration and usage.