03-06-2007
sudo users
Hi,
I have managed to get rootsh to work. What I want it to do is to start logging users session as soon as they loging to the box. rootsh uses sudo root user and I don't have that setup here. what do you guys think?
I thought about using the .profile and adding a line like
/usr/local/bin/rootsh --user=$username --logdir=$logs
any idea?
thanks
10 More Discussions You Might Find Interesting
1. Solaris
I'm looking for a software to capture my systems logs, and bsm (basic security module) logs to centralise the administration. Do you have a suggestions. Opensource or not. (6 Replies)
Discussion started by: simquest
6 Replies
2. Programming
I have a C program and want to write messages to a log. BSM is being used for O/S auditing. Can I write my messages to the BSM log? If so, how do I do that? I'm not finding any API's for that. Any URLs, samples, guidance would be appreciated. (0 Replies)
Discussion started by: JDO
0 Replies
3. Solaris
I got a lot of this message in my /var/audit log
how can I exclude this message?
header,127,2,invalid event number,fe,hostsol1.com.sg,2007-12-21 00:10:01.001 +08:00,argument,1,0x5,processor ID,argument
,2,0x3,flag,text,P_STATUS,subject,zhang1,root,root,root,root,18228,576129155,291 131094... (1 Reply)
Discussion started by: geoffry
1 Replies
4. Solaris
How do I setup audit to alert on write conditions for individual files? Thanks. (3 Replies)
Discussion started by: dxs
3 Replies
5. Solaris
Hello,
I was wondering when Solaris auditing is enabled, If it is possible to keep track of users that are allowed to sudo to root. In other words, I would like to know which user did what on my Solaris box. (assumig that user can "sudo su -" )
Thanks. (2 Replies)
Discussion started by: niyazi
2 Replies
6. Solaris
Let me preface with I am semi-new to Solaris. I work with it in the labs at work and that's about my extent (although I run Linux at home).
Well, a week ago security comes around with updated requirements, some of which are the need to audit all failures. For the life of me I cannot get a... (0 Replies)
Discussion started by: mph275
0 Replies
7. Solaris
Hi ,
I don't want logs from a particular "library" to get recorded in the audit.log file. Is that possible with BSM? Please guide.
Thanks. (2 Replies)
Discussion started by: chinchao
2 Replies
8. Solaris
New to Solaris in general (coming from a RHEL background) I'm trying to enable auditing on the system with the following in /etc/security/audit_control:
But there are two areas where it seems to break with expected behavior (maybe it's poor expectations on my part):
1) it seems to be... (0 Replies)
Discussion started by: thmnetwork
0 Replies
9. Solaris
Hi all,
I'm trying to read Solaris BSM log in user friendly form. Found old tools including bsmparser java tool and php code. But none of them working. What are you using for parsing BSM log? (2 Replies)
Discussion started by: sembii
2 Replies
10. Solaris
Hello,
Im glad to become a member of this forums,
Im new on solaris and recentrly im introducing to use auditing service in that system.
The need is, that I need how to exclude a directory to the audit service not audit it.
And, a plus, I need of how to disable auditing the root user in... (0 Replies)
Discussion started by: sysh4ck
0 Replies
LEARN ABOUT CENTOS
consolehelper
CONSOLEHELPER(8) System Manager's Manual CONSOLEHELPER(8)
NAME
consolehelper - A wrapper that helps console users run system programs
SYNOPSIS
progname [ options ]
DESCRIPTION
consolehelper is a tool that makes it easy for console users to run system programs, doing authentication via PAM (which can be set up to
trust all console users or to ask for a password at the system administrator's discretion). When possible, the authentication is done
graphically; otherwise, it is done within the text console from which consolehelper was started.
It is intended to be completely transparent. This means that the user will never run the consolehelper program directly. Instead, pro-
grams like /sbin/shutdown are paired with a link from /usr/bin/shutdown to /usr/bin/consolehelper. Then when non-root users (specifically,
users without /sbin in their path, or /sbin after /usr/bin) call the "shutdown" program, consolehelper will be invoked to authenticate the
action and then invoke /sbin/shutdown. (consolehelper itself has no priviledges; it calls the userhelper(8) program do the real work.)
consolehelper requires that a PAM configuration for every managed program exist. So to make /sbin/foo or /usr/sbin/foo managed, you need
to create a link from /usr/bin/foo to /usr/bin/consolehelper and create the file /etc/pam.d/foo, normally using the pam_console(8) PAM mod-
ule.
OPTIONS
This program has no command line options of its own; it passes all command line options on to the program it is calling.
SEE ALSO
userhelper(8)
AUTHOR
Michael K. Johnson <johnsonm@redhat.com>
Red Hat Software 18 March 1999 CONSOLEHELPER(8)