Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to know what users are logged in to account
Top Forums UNIX for Dummies Questions & Answers How to know what users are logged in to account Post 100552 by RTM on Tuesday 28th of February 2006 10:36:45 AM
Old 02-28-2006
If both are logged in as root, you could possibly tell from the output of the who command - just associate the terminal connection with the userid (found with ps -ef|grep root). Then, with the who command, look for that terminal to see where they are coming from - you would then have to look on that server to try to find who was logging in as root (if this is what they are doing).

If a person logs in as root on console, then you don't have a way of doing this (unless there are console logs which may or may not have information on the person).

If you are in charge of this server, you should consider setting up the root account so it can only be accessed from console - so anyone signing in can not log in as root (and this will make it easier to find who is using it via the su logs).
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Information about users who have logged.

Hi, Suppose I have a programme called Menu. This menu has various choices as we would expect from a Menu. Now Can you Please help me as I want the details of the Users to be registered to some file , Whoever has entered this particular Program . Basically to see the username and the time that... (2 Replies)
Discussion started by: rooh
2 Replies

2. IP Networking

All tcp/ip users are logged out

I have an RS6000 server running AIX and on occasion all users are logged out of the server "connection closed by foreign host" is the error message. Normally a user can press enter and get a Login prompt, but they get the message "connection refused" and then the users can wait a minute or so and... (2 Replies)
Discussion started by: Docboyeee
2 Replies

3. IP Networking

Users logged in through which NIC

We have two NIC cards in our IBM RS/6000 F50 running AIX 4.3.3 We are trying to make sure we have moved all users to log in through the new NIC. 10.22.x.y (old) 10.22.x.z (new) How can I tell which users are still using the old address for logging in so I can update their work station to... (5 Replies)
Discussion started by: cburtgo
5 Replies

4. Shell Programming and Scripting

how many users logged

in unix what is the syntax to find out how many users are currently logged in (4 Replies)
Discussion started by: trichyselva
4 Replies

5. Post Here to Contact Site Administrators and Moderators

logged out users

how to find out users who logged out within 5 minutes (1 Reply)
Discussion started by: roshni
1 Replies

6. Shell Programming and Scripting

Users Not Logged in

I have searched the forums but have not mangaed to quite find what im looking for. I have used to /etc/passwd command to present me a list of all users the who command to present all users currently logged on, but what i want to know is what command can i use to display users that are registered... (12 Replies)
Discussion started by: warlock129
12 Replies

7. UNIX for Dummies Questions & Answers

How many users are logged in?

How do I find this out? I have a feeling its a simple command such as who, but I just don't know what it is. I've had a search on here but either I can't put it into the right search criteria or there isn't a topic on it. Thanks. EDIT: Delete this thread, as I posted it I noticed the... (0 Replies)
Discussion started by: chris_rabz
0 Replies

8. Red Hat

Current logged in users

I have 2 systems. (1) RHEL5 and (2) winXP pro from xpPRO putty i ssh into rhel5 : user root from xpPRO i ftp into rhel5 : user abc123 when i run #uptime it only shows 1 user when i do #ps -u abc123 : it shows vsftpd deamon PID is there a command that can be used to show all currently... (4 Replies)
Discussion started by: dplinux
4 Replies

9. Shell Programming and Scripting

Users not logged in for last 90 days

Hi, How to find the users who did not login into a UNIX box (thru ssh/ftp or any other way) for last 90 days? I think of using "finger" or "last" command to findout each user's last login and then find number of days between today and that day. Is there any other better way or anyone prepared... (1 Reply)
Discussion started by: reddyr
1 Replies

10. UNIX for Dummies Questions & Answers

Users logged into the system

So I'm trying to write a single line command So I have to use last first in this command and I've figured out the format my professor wants it in, something like thislast | cut -d' ' -f1,15 | sort > check | uniq -c.... and I never can get it right, when I just last command I get something... (2 Replies)
Discussion started by: DoubleAlpha
2 Replies

LEARN ABOUT REDHAT

pivot_root

PIVOT_ROOT(8)						       Maintenance Commands						     PIVOT_ROOT(8)

NAME

       pivot_root - change the root file system

SYNOPSIS

       pivot_root new_root put_old

DESCRIPTION

       pivot_root  moves  the root file system of the current process to the directory put_old and makes new_root the new root file system.  Since
       pivot_root(8) simply calls pivot_root(2), we refer to the man page of the latter for further details.

       Note that, depending on the implementation of pivot_root, root and cwd of the caller may or may not change. The following is a sequence for
       invoking pivot_root that works in either case, assuming that pivot_root and chroot are in the current PATH:

       cd new_root
       pivot_root . put_old
       exec chroot . command

       Note that chroot must be available under the old root and under the new root, because pivot_root may or may not have implicitly changed the
       root directory of the shell.

       Note that exec chroot changes the running executable, which is necessary if the old root directory should be  unmounted	afterwards.   Also
       note  that  standard  input, output, and error may still point to a device on the old root file system, keeping it busy. They can easily be
       changed when invoking chroot (see below; note the absence of leading slashes to make it work whether pivot_root	has  changed  the  shell's
       root or not).

EXAMPLES

       Change the root file system to /dev/hda1 from an interactive shell:

       mount /dev/hda1 /new-root
       cd /new-root
       pivot_root . old-root
       exec chroot . sh <dev/console >dev/console 2>&1
       umount /old-root

       Mount the new root file system over NFS from 10.0.0.1:/my_root and run init:

       ifconfig lo 127.0.0.1 up   # for portmap
       # configure Ethernet or such
       portmap	 # for lockd (implicitly started by mount)
       mount -o ro 10.0.0.1:/my_root /mnt
       killall portmap	 # portmap keeps old root busy
       cd /mnt
       pivot_root . old_root
       exec chroot . sh -c 'umount /old_root; exec /sbin/init' 
	 <dev/console >dev/console 2>&1

SEE ALSO

       chroot(1), mount(8), pivot_root(2), umount(8)

Linux								   Feb 23, 2000 						     PIVOT_ROOT(8)
All times are GMT -4. The time now is 04:45 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy