10-28-2008
Of course these files are not updated. When your user switches from one user to another all the command s/he types in as the other user goes to this new users .sh_history file. You can control which history file is being used by setting the HISTFILE variable in the ksh environment.
But even then your main problem will remain: your system is unsecure - and inherently so. There is no other option than to limit what users do as root or as root-equivalent users. I woul suggest you explore tools like sudo and create a thorough concept which user should be able to do what - and then limit his possiblities to exactly this.
Giving all your users root authority is just lazyness in terms of coming up with such a concept. As long as every user is allowed to do everything you don't have to worry about security - it is simply nonexistent and the only thing you can do about it - save for changing the attitude - is getting used to it.
I hope this helps.
bakunin
9 More Discussions You Might Find Interesting
1. Solaris
How can you control old system logs keep(or storage) time in Solaris ? Is there any method ? it depends on buffer size long or date long ? (1 Reply)
Discussion started by: xramm
1 Replies
2. Shell Programming and Scripting
Hi All,
I have around 15 servers.
I need to check for the error in /var/adm/messages in 15 servers of current date everyday and log it in one server.
rsh is configured in all servers.
The command I am using to accomplish this in shell script is
rsh <remote sever> grep 'Jun 17'... (2 Replies)
Discussion started by: partha_bhunia
2 Replies
3. Shell Programming and Scripting
Hi,
I am trying to write a script which would go search and get the info from the logs based on yesterday timestamp and write yesterday logs in new file. The log file format is as follows:
""""""""""""""""""""""""""... (3 Replies)
Discussion started by: harish.parker
3 Replies
4. Solaris
I am working on a SUN T2000 machine with Solaris 10 running on it. When I checked the system this morning, I found it to be turned off. The lastreboot command showed that the system had been shut down the previous night.
I want to find out how the system was shut down. I have run hardware health... (2 Replies)
Discussion started by: batman727
2 Replies
5. AIX
good evening all
dear all where i can find the system logs in AIX 5.3 (1 Reply)
Discussion started by: thecobra151
1 Replies
6. Solaris
Hi all
I have a newly installed Oracle X2-4 server running Solaris 10 x86 with the latest patches.
I have one non-global zone configured running an Oracle DB instance.
After configuring IPMP failover between two NICs on the server and rebooting I am seeing the /var/adm/messages being flooded... (7 Replies)
Discussion started by: notreallyhere
7 Replies
7. Red Hat
This isn't a RedHat specific question. The software in question might be used for any Linux distribution. Would it be advisable or inadvisable for my application, to be downloaded by many people I don't know, to write to the following logs in /var/log?
maillog or mail.log
messages
secure
... (10 Replies)
Discussion started by: Brandon9000
10 Replies
8. AIX
hello,
i just want to know logs files for these actions listed below :
- User Account Creation
- User Account Deletion
- Failed and or Successful User Password Changes
- Failed Login Activities for all User Users
- System Reboot or and shutdown
help appreciated... (6 Replies)
Discussion started by: Bolou
6 Replies
9. Shell Programming and Scripting
Appreciate help for the below issue.
Im using below code.....I dont want to attach the logs when I ran the perl twice...I just want to take backup with today date and generate new logs...What I need to do for the below scirpt..............
1)if logs exist it should move the logs with extention... (1 Reply)
Discussion started by: Sanjeev G
1 Replies
LEARN ABOUT SUSE
pmvarrun
pmvarrun(8) pam_mount pmvarrun(8)
Name
pmvarrun - updates /var/run/pam_mount/user
Syntax
pmvarrun -u user [options]
Description
A separate program is needed so that /var/run/pam_mount/user may be created with a pam_mount-specific security context (otherwise SELinux
policy will conflict with gdm, which also creates file in /var/run).
pmvarrun is flexible and can run in a number of different security setups:
root-root
When pmvarrun is invoked as root, /var/run/pam_mount's permission settings can be as strict as needed; usually (0755,root,root) is a good
pick as it gives users the debug control over their refcount. Refcount files are given their respective owners (chowned to the user who
logs in).
user-user
When invoked as the user who logs in, /var/run/pam_mount needs appropriate permissions to create a file, which means the write bit must be
set. It is also highly suggested to set the sticky bit in this case, so other users do not tamper with your refcount.
root-user
Some programs or login helpers incorrectly call the PAM stack in a way that the login phase is done as root and the logout phase as a nor-
mal user. Nevertheless, pmvarrun supports this, and the same permissions as in root-root can be used. While the user may not be able to
unlink his file from /var/run/pam_mount, it will be truncated to indicate the same state.
Options
--help, -h
Display help.
--user user, -u user
User to handle, must be a valid username.
--operation number, -o number
Increase volume count by number.
-d Turn on debugging.
Files
/var/run/pam_mount/user
Author
This manpage was originally written by Bastian Kleineidam <calvin@debian.org> for the Debian distribution of libpam-mount but may be used
by others.
See /usr/share/doc/packages/pam_mount/AUTHORS for the list of original authors of pam_mount.
pam_mount 2008-10-08 pmvarrun(8)