03-25-2008
environment history/audit
hi there,
im going down a few rabbit holes with this one and hoped somebody could point me straight... im not sure if im looking for a log, cmd, or script but i want to know when and where the current environment got set.
eg, if i type env or set i get some entries like:
HOSTNAME=myhost.meh
...
FTP_PROXY=myproxy.meh
...
ftp_proxy=myproxy.meh
...
now we dont use a proxy and i want to prevent those vars from being set.
does a mechanism exist to track what process/file exported those variables? im thinking something like a log level or trigger or anything besides grep -R varstring / since this seems like itd be a fairly common admin task, not to mention greping wont give load order or precedence.
thanks for the help! r, /matt
8 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have been resently working on some ksh script. One of the line in the file writes:
.. /etc/.environment dev_env
I can not understand what this mean, all I know is .environment is unix system environment file. Is ".." a command? If some one can give me some clue where can I find information... (7 Replies)
Discussion started by: zzwu3591
7 Replies
2. UNIX for Dummies Questions & Answers
Hello every body,
Kindly inform me How Do i find out the time I executed a command previously on UNIX Solaris??
To be more specific and more clear about what i want to know is that I want a command the enables me to know the history and which command i run at this history/time.
FYI I used... (5 Replies)
Discussion started by: ahmedamer12
5 Replies
3. UNIX for Advanced & Expert Users
Hi all,
My need is :
1. To know who , when , which command used.
2. Local user should not delete this information.
I mean , with an example , i can say
i have a user user1
i need to give all the following permissions to user1, :
a. A specific directory other than his home... (3 Replies)
Discussion started by: linuxadmin
3 Replies
4. Shell Programming and Scripting
Is it possible to find out the history of recently typed in commands of a particular user in a multi user system?
the history command expects a numeric argument with it. is it possible to find out the history o commands of a particular user say John_smith for example? (2 Replies)
Discussion started by: arindamlive
2 Replies
5. AIX
Dear All
When I start the AIX(6100-06)audit subsystem.
the log will save in /audit/stream.out (or /audit/trail), but in default when /audit/stream.out to grow up to 150MB.
It will replace the original /audit/stream.out (or /audit/trail).
Then the /audit/stream.out become empty and... (2 Replies)
Discussion started by: nnnnnnine
2 Replies
6. Solaris
Hi everyone,
how i can configure a single audit service in the global zone for all zones, on solaris BSM.
I will be glad to hear back from you.
Thanks and Regards (3 Replies)
Discussion started by: ladondo
3 Replies
7. UNIX for Dummies Questions & Answers
Hi all,
My need is :
1. To know who , when , which command used.
2. Local user should not delete this information.
I mean , with an example , i can say
i have a user user1
i need to give all the following permissions to user1, :
a. A specific directory other than his home... (1 Reply)
Discussion started by: sriky86
1 Replies
8. What is on Your Mind?
I am pleased to announce this new video in 1080 HD for UNIX lovers honoring thirty years of UNIX history spanning from 1969 to 1999 presented in 150 seconds (two and a half minutes) in 1080 HD, celebrating the 50th anniversary of UNIX.
The Great History of UNIX (1969-1999) | 30 Years of UNIX... (8 Replies)
Discussion started by: Neo
8 Replies
LEARN ABOUT REDHAT
audit_data
audit_data(4) File Formats audit_data(4)
NAME
audit_data - current information on audit daemon
SYNOPSIS
/etc/security/audit_data
DESCRIPTION
The audit_data file contains information about the audit daemon. The file contains the process ID of the audit daemon, and the pathname of
the current audit log file. The format of the file is:
pid>:<pathname>
Where pid is the process ID for the audit daemon, and pathname is the full pathname for the current audit log file.
EXAMPLES
Example 1: A sample audit_data file.
64:/etc/security/audit/server1/19930506081249.19930506230945.bongos
FILES
/etc/security/audit_data
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Obsolete |
+-----------------------------+-----------------------------+
SEE ALSO
audit(1M), auditd(1M), bsmconv(1M), audit(2), audit_control(4), audit.log(4)
NOTES
The functionality described on this manual page is internal to audit(1M) and might not be supported in a future release.
The auditd utility is the only supported mechanism to communicate with auditd(1M). The current audit log can be determined by examining the
configured audit directories. See audit_control(4).
The functionality described on this manual page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for
more information.
SunOS 5.10 14 Nov 2002 audit_data(4)