Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: solaris BSM and Auditing
Top Forums UNIX for Dummies Questions & Answers solaris BSM and Auditing Post 302109504 by skywalker850i on Tuesday 6th of March 2007 09:09:02 AM
Old 03-06-2007
Bug sudo users
Hi,

I have managed to get rootsh to work. What I want it to do is to start logging users session as soon as they loging to the box. rootsh uses sudo root user and I don't have that setup here. what do you guys think?

I thought about using the .profile and adding a line like

/usr/local/bin/rootsh --user=$username --logdir=$logs

any idea?

thanks
 

10 More Discussions You Might Find Interesting

1. Solaris

Solaris BSM log software

I'm looking for a software to capture my systems logs, and bsm (basic security module) logs to centralise the administration. Do you have a suggestions. Opensource or not. (6 Replies)
Discussion started by: simquest
6 Replies

2. Programming

how to write to Solaris BSM log

I have a C program and want to write messages to a log. BSM is being used for O/S auditing. Can I write my messages to the BSM log? If so, how do I do that? I'm not finding any API's for that. Any URLs, samples, guidance would be appreciated. (0 Replies)
Discussion started by: JDO
0 Replies

3. Solaris

Solaris BSM audit log

I got a lot of this message in my /var/audit log how can I exclude this message? header,127,2,invalid event number,fe,hostsol1.com.sg,2007-12-21 00:10:01.001 +08:00,argument,1,0x5,processor ID,argument ,2,0x3,flag,text,P_STATUS,subject,zhang1,root,root,root,root,18228,576129155,291 131094... (1 Reply)
Discussion started by: geoffry
1 Replies

4. Solaris

Solaris 9 Auditing

How do I setup audit to alert on write conditions for individual files? Thanks. (3 Replies)
Discussion started by: dxs
3 Replies

5. Solaris

Solaris user auditing

Hello, I was wondering when Solaris auditing is enabled, If it is possible to keep track of users that are allowed to sudo to root. In other words, I would like to know which user did what on my Solaris box. (assumig that user can "sudo su -" ) Thanks. (2 Replies)
Discussion started by: niyazi
2 Replies

6. Solaris

BSM auditing issues, need to audit "permission denied"

Let me preface with I am semi-new to Solaris. I work with it in the labs at work and that's about my extent (although I run Linux at home). Well, a week ago security comes around with updated requirements, some of which are the need to audit all failures. For the life of me I cannot get a... (0 Replies)
Discussion started by: mph275
0 Replies

7. Solaris

BSM auditing

Hi , I don't want logs from a particular "library" to get recorded in the audit.log file. Is that possible with BSM? Please guide. Thanks. (2 Replies)
Discussion started by: chinchao
2 Replies

8. Solaris

Needs some orientation on BSM/auditing

New to Solaris in general (coming from a RHEL background) I'm trying to enable auditing on the system with the following in /etc/security/audit_control: But there are two areas where it seems to break with expected behavior (maybe it's poor expectations on my part): 1) it seems to be... (0 Replies)
Discussion started by: thmnetwork
0 Replies

9. Solaris

How can I read Solaris BSM log?

Hi all, I'm trying to read Solaris BSM log in user friendly form. Found old tools including bsmparser java tool and php code. But none of them working. What are you using for parsing BSM log? (2 Replies)
Discussion started by: sembii
2 Replies

10. Solaris

Exclude an specific directory for auditing in Solaris 10

Hello, Im glad to become a member of this forums, Im new on solaris and recentrly im introducing to use auditing service in that system. The need is, that I need how to exclude a directory to the audit service not audit it. And, a plus, I need of how to disable auditing the root user in... (0 Replies)
Discussion started by: sysh4ck
0 Replies

LEARN ABOUT PLAN9

newuser

NEWUSER(8)						      System Manager's Manual							NEWUSER(8)

NAME

       newuser - adding a new user

SYNOPSIS

       rc /sys/lib/newuser

DESCRIPTION

       To  establish a new user on Plan 9, add the user's name to /adm/users by running the newuser command on the console of the file server (see
       users(6) and fs(8)).  Next, give the user a password using the changeuser  command  on  the  console  of  the  authentication  server  (see
       auth(8)).   At this point, the user can bootstrap a terminal using the new name and password.  The terminal will only get as far as running
       rc, however, as no profile exists for the user.

       The rc(1) script /sys/lib/newuser sets up a sensible environment for a new user of Plan 9.  Once the terminal is running rc, type

	      rc /sys/lib/newuser

       to build the necessary directories in /usr/$user and create a reasonable initial profile in /usr/$user/lib/profile.  The script	then  runs
       the  profile  which,  as  its last step, brings up 81/2(1).  At this point the user's environment is established and running.  (There is no
       need to reboot.)  It may be prudent at this point to run passwd(1) to change the password, depending on how the initial password  was  cho-
       sen.

       The profile built by /sys/lib/newuser looks like this:

	      bind -a $home/bin/rc /bin
	      bind -a $home/bin/$cputype /bin
	      font = /lib/font/bit/pelm/euro.9.font
	      switch($service){
	      case terminal
		   prompt=('term% ' '  ')
		   fn term%{ $* }
		   exec 81/2
	      case cpu
		   bind -b /mnt/term/mnt/81/2 /dev
		   prompt=('cpu% ' '   ')
		   echo -n $sysname > /dev/label
		   fn cpu%{ $* }
		   news
	      case con
		   prompt=('cpu% ' '   ')
		   news
	      }

       Sites may make changes to /sys/lib/newuser that reflect the properties of the local environment.

       Use the -c option of mail(1) to create a mailbox.

SEE ALSO

       passwd(1), 81/2(1), namespace(4), users(6), auth(8), fs(8)

																	NEWUSER(8)
All times are GMT -4. The time now is 02:49 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy