Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Root Login Auditing !!
Operating Systems Solaris Root Login Auditing !! Post 302081541 by grial on Wednesday 26th of July 2006 06:43:35 AM
Old 07-26-2006
Quote:
Originally Posted by jobbyjoseph
i) If I logonto root just using command boss then the .profile does not execute and hence the root login restirctions and audit trail are not applicable.
That's a normal behaviour. If you don't use "-", the user profile won't be loaded, so your code won't be executed. You could "enclose" boss into a script that logs every execution of itself instead.

Quote:
ii) If I logon to root using boss - , then the .profile is executed and audit trail and root log audit trail are avalaible but when i exit out using exit command then the processes whihc are started with the root equivalent id are killed or exited out.
That's also usual. I would use "nohup" with those commands so that they're not finished when you logout.

One more thing. You may want to put the code inside /etc/profile instead, so that the user won't be able to change its profile and avoid your audit. You may also "trap" CTRL+C.

Regards.
 

10 More Discussions You Might Find Interesting

1. IP Networking

root login password

Hello Guys, We are using Sco Unix 5.0 While we was changing root password from scoadmin, It did not change the password and hang in between. Now, I am unable to login as root user pls. do suggest me how can i skip root password and how can i goto root to change the password again. Or if... (4 Replies)
Discussion started by: subho77
4 Replies

2. Answers to Frequently Asked Questions

Lost root password / Can't login as root

We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies

3. AIX

root login

How do I make it so user "root" can not log directly into an AIX server? I want a user to be able to SU to it but not log into it to keep a log (2 Replies)
Discussion started by: breigner
2 Replies

4. AIX

Can't login root account due to can't find root shell

Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in. I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies

5. HP-UX

Cannot login root

With my SSH, my HP-UX cannot login to root. It will come out a message su: unknown id: root. But I can login by user oracle. I also cannot login to console either by using root or oracle anymore. What shall I do. (5 Replies)
Discussion started by: surizan
5 Replies

6. AIX

why I cannot login by root

I can use sudo su to root from my user id through ssh. Also can change root password. However, I cannnot login by root from ssh. Does any body know why? (10 Replies)
Discussion started by: rainbow_bean
10 Replies

7. UNIX for Dummies Questions & Answers

Only root can login using SFTP

Hello, It seems on a machine that I am responsible for supervising only root can use ssh/sftp services. I have looked at sshd_config and do not see anything that can fix this. PermitRootLoggin is enabled but that option does not preclude other users from using ssh/sftp services. When I try and... (5 Replies)
Discussion started by: mojoman
5 Replies

8. UNIX for Dummies Questions & Answers

Root Auditing Questions

First timer here... appreciate any help. My lingo might be off a bit, but ill clarify where necessary. 1- Is there a way to monitor direct logins to root? i.e. logging in directly to root as opposed logging in to a user account then su or sudo to root. i have a machine set to "permitrootlogin... (3 Replies)
Discussion started by: Mas000
3 Replies

9. HP-UX

Hpsmh root can't login

On hp smh i can't login with root,i type correct unix password but said "ERROR: Username and password do not match" Tomcat,apache works and with debug enabled,nothing said on logs :( (2 Replies)
Discussion started by: Linusolaradm1
2 Replies

10. Red Hat

Su root or login root

Hi, I find there is some customized linux with application. When I use login account root and type the password. It is not allow to login. But if I login with specified user and password. Then I use command "su - " and type root passwd. It allow you to switch to "root" account . Or if i... (14 Replies)
Discussion started by: chuikingman
14 Replies

LEARN ABOUT LINUX

gzexe

GZEXE(1)						      General Commands Manual							  GZEXE(1)

NAME

       gzexe - compress executable files in place

SYNOPSIS

       gzexe name ...

DESCRIPTION

       The  gzexe  utility  allows you to compress executables in place and have them automatically uncompress and execute when you run them (at a
       penalty in performance).  For example if you execute ``gzexe /usr/bin/gdb'' it will create the following two files:
	   -rwxr-xr-x  1 root root 1026675 Jun	7 13:53 /usr/bin/gdb
	   -rwxr-xr-x  1 root root 2304524 May 30 13:02 /usr/bin/gdb~
       /usr/bin/gdb~ is the original file and /usr/bin/gdb is the self-uncompressing executable file.  You can remove /usr/bin/gdb~ once  you  are
       sure that /usr/bin/gdb works properly.

       This utility is most useful on systems with very small disks.

OPTIONS

       -d     Decompress the given executables instead of compressing them.

SEE ALSO

       gzip(1), znew(1), zmore(1), zcmp(1), zforce(1)

CAVEATS

       The  compressed executable is a shell script.  This may create some security holes.  In particular, the compressed executable relies on the
       PATH environment variable to find gzip and some standard utilities (basename, chmod, ln, mkdir, mktemp, rm, sleep, and tail).

BUGS

       gzexe attempts to retain the original file attributes on the compressed executable, but you may have to fix them manually  in  some  cases,
       using chmod or chown.

																	  GZEXE(1)
All times are GMT -4. The time now is 04:04 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy