Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: tracking user action
Top Forums UNIX for Advanced & Expert Users tracking user action Post 302087770 by System Shock on Tuesday 5th of September 2006 04:18:43 PM
Old 09-05-2006
Couple things you could do:

- You could set an environment that keeps separate shell histories for any user that su's to oracle. Ex: make user oracle's shell ksh, then make .profile writable to root only. In .profile, set HISTFILE to something like .sh_history.$USER. You can script the retrieval of the user name or, something I saw implemented before, you give the users a code they need to enter, which will match their usernames.

You could make the oracle account accessible to only one user at the time. Same deal, whatever .profile or .bashrc, you make writable to root only. Inside, script a check to see if anyone is already su'd to oracle. If so, kill the session. Then you can simply use sulog and the oracle user's shell history.
 

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

action command

Hi.. When i refered the script /etc/rc.sysinit... i found the "action commands" like But this is not working in my shells.. the following error is coming... Please anybody help Thanks in advance esham (5 Replies)
Discussion started by: esham
5 Replies

2. UNIX for Advanced & Expert Users

Command Tracking

Hi, OS: Solaris9, SPARC Is there any way I can track the commands run by users from the shell prompt? Example: Somebody is deleting files from the system. Who it is is a mystery. That person obviously does not use bash prompt so there is no history. Is there anyway I can find out who... (5 Replies)
Discussion started by: mahatma
5 Replies

3. UNIX for Advanced & Expert Users

Tracking user

dear all, I'm facing problem that is i have noticed from few days back that some body is deleting and making changes in the file from developement server where i'm working(in unix) so i want to track that who is using the server, what performancr they are doing and each every thing which r... (5 Replies)
Discussion started by: panknil
5 Replies

4. UNIX for Advanced & Expert Users

Tracking down the problem

Is there a way to track down what process is sending to a certain port? I have some thing pounding the network with requests to a multicast IP that doesn't exist. I have shut down all comms related processes and yet it is still there. Need a way to track the port or IP back to the process. Thanks... (3 Replies)
Discussion started by: mattmanuel
3 Replies

5. UNIX for Dummies Questions & Answers

Tracking user access

Hi, An important file in my solaris server has been deleted. Is there any way that i can find out when was that file deleted and what user account was used to delete the file.. (1 Reply)
Discussion started by: saharookiedba
1 Replies

6. Red Hat

Tracking Process to a particular

I've tried to see what I can find on my own but I'm coming up with goose eggs. Basically I was wondering if there was a way of querying the scheduler (or something similar) to track a process back to a particular CPU it's executing on at the time of the command. ps has a "cpu" output option but... (1 Reply)
Discussion started by: thmnetwork
1 Replies

7. Shell Programming and Scripting

multiple action!

lets explain it easy by showing the initial file and desired file: I've a file such this that contains: initial_file: 31/12/2011 23:46:08 38.6762 43.689 14.16 Ml 3.1 ... (1 Reply)
Discussion started by: oreka18
1 Replies

8. HP-UX

Tracking what commands were executed after sudo to another user

All team members has sudo access to user "batch55". Need to track all the commands used by team members after sudo to "batch55". Using HP-UX and ksh shell in our environment. How can i acheive this? Thanks In Advance. (2 Replies)
Discussion started by: venkatababu
2 Replies

9. Shell Programming and Scripting

How can i TRAP a user Logout action?

When the temp user logs in i see his session as below. # who root pts/0 2017-08-18 08:32 (121.87.51.113) temp pts/1 2017-08-18 09:06 (121.87.51.113) root pts/2 2017-08-18 08:59 (121.87.51.113) When he logs out by either firing exit command or closing the... (3 Replies)
Discussion started by: mohtashims
3 Replies

LEARN ABOUT DEBIAN

calife

CALIFE(1)						    BSD General Commands Manual 						 CALIFE(1)

NAME

     calife -- becomes root (or another user) legally.

SYNOPSIS

     calife [-] [login]

	    or

     ... [-] [login] for some sites (check with your administrator).

DESCRIPTION

     Calife requests user's own password for becoming login (or root, if no login is provided), and switches to that user and group ID after veri-
     fying proper rights to do so.  A shell is then executed.  If calife is executed by root, no password is requested and a shell with the appro-
     priate user ID is executed.

     The invoked shell is the user's own except when a shell is specified in the configuration file calife.auth.

     If ``-'' is specified on the command line, user's profile files are read as if it was a login shell.

     This is not the traditional behavior of su.

     Only users specified in calife.auth can use calife to become another one with this method.

     You can specify in the calife.auth file the list of logins allowed for users when using calife.  See calife.auth(5) for more details.

     calife.auth is installed as /etc/calife.auth.

FILES

     /etc/calife.auth  List of users authorized to use calife and the users they can become.
     /etc/calife.out   This script is executed just after getting out of calife.

SEE ALSO

     su(1), calife.auth(5), group(5), environ(7)

ENVIRONMENT

     The original environment is kept. This is not a security problem as you have to be yourself at login (i.e. it does not have the same security
     implications as in su(1) ).

     Environment variables used by calife:

     HOME  Default home directory of real user ID.

     PATH  Default search path of real user ID unless modified as specified above.

     TERM  Provides terminal type which may be retained for the substituted user ID.

     USER  The user ID is always the effective ID (the target user ID) after an su unless the user ID is 0 (root).

BUGS

     The MD5-based crypt(3) function is slower and probably stronger than the DES-based one but it is usable only among FreeBSD 2.0+ systems.

HISTORY

     A calife command appeared in DG/UX, written for Antenne 2 in 1991. It has evolved considerably since this period with more OS support, user
     lists handling and improved logging.

     PAM support was introduced in 2005 to port it to MacOS X variants (Panther and up).

AUTHOR

     Ollivier Robert <roberto@keltia.freenix.fr>

BSD
								September 25, 1994							       BSD
All times are GMT -4. The time now is 02:43 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy