01-21-2009
Sudo question
Folks;
I have SUDO configured on my SUSE boxes to allow a specific groups to run specific duties so one group has ALL permission & other group has permission to run a few commands only.
when i look at the sudoer log, i see people login info only,
Is there a way to capture every thing users do after becoming root using sudo?
I want to be able to see if the user add file or modify or delete something.
currently i don't see this info.
is there any configuration i can add to sudo to allow me to see every thing the user did after he/she sudo as root?
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
how do i go about adding a file to sudo so a user name oracle can run the file???
for some reason my man pages dont have anything for sudo.
files sudoers exist in /etc
can anyone help this is urgent
thank you (1 Reply)
Discussion started by: TRUEST
1 Replies
2. UNIX for Advanced & Expert Users
Hi, I was wondering if someone can give me some pointers about configuring SUDO. I am trying to configure SUDO to have about 30 users run about 200 scripts as a different user. I understand that I can create an User_Alias but how do I give that User_Alias rights to run all the scripts in a certain... (5 Replies)
Discussion started by: sajjad02
5 Replies
3. UNIX for Dummies Questions & Answers
Folks;
I have a sudo question:
- I have a real user named "greg" and another generic user named "devuser" & application that must be run like start/stop as "devuser" user.
Is there a way to:
Have user Greg login into the Solaris 10 box as himself then sudo as "devuser" to be able to... (10 Replies)
Discussion started by: Katkota
10 Replies
4. Linux
Hello, I would like to know what should I put on the sudoers file to block a determined group os using just one specific command as root?
He can do anything, but not execute program X, how can I do this?
Thank you very much. (2 Replies)
Discussion started by: Zarnick
2 Replies
5. Cybersecurity
Hi,
Is it possible to stop users from copying a login shell, say bash, to another name and then executing it via sudo to gain root priviliges?
Normal users have read access to login shells, so they can copy them without any limitations. How can I stop this?
Thanks (12 Replies)
Discussion started by: melias
12 Replies
6. Ubuntu
Hello all,
Anyone fimilar with su -l command?
So when I do su -l <user> any user it doesn't prompt me for password for that user. How I enable sudo to prompt for password whenever su -l command is used.
Please help!
thanks,
-Lalit
:D (7 Replies)
Discussion started by: email-lalit
7 Replies
7. UNIX for Dummies Questions & Answers
Hello all,
I have a script (script.sh) that is owned and executed by root. Now I need to give another user (user1) sudo access to execute that script.
I edited the /etc/sudoers file, and created the following:
# Runas alias specification
Runas_Alias RO = root
user1 ALL=(RO)... (1 Reply)
Discussion started by: designbc
1 Replies
8. UNIX for Advanced & Expert Users
Hi All
I want to grant elevated privs to a user that will be running a script as a background task. It will be launched from an ssh session via an embedded command in its key that just allows that account to run that script.
I'm reading up on sudo and notice that -
user ALL=(ALL) ALL
... (2 Replies)
Discussion started by: steadyonabix
2 Replies
9. AIX
I am running AIX 6.6.5.115 and am experiencing a problem using sudo. I have shell scripts that I created for our HR user and shell scripts that I created for root administrators. I do have a need to embed a sudo command in the user shell script to run one command as root. However the two... (8 Replies)
Discussion started by: RonDeF
8 Replies
LEARN ABOUT CENTOS
sss_cache
SSS_CACHE(8) SSSD Manual pages SSS_CACHE(8)
NAME
sss_cache - perform cache cleanup
SYNOPSIS
sss_cache [options]
DESCRIPTION
sss_cache invalidates records in SSSD cache. Invalidated records are forced to be reloaded from server as soon as related SSSD backend is
online.
OPTIONS
-E,--everything
Invalidate all cached entries except for sudo rules.
-u,--user login
Invalidate specific user.
-U,--users
Invalidate all user records. This option overrides invalidation of specific user if it was also set.
-g,--group group
Invalidate specific group.
-G,--groups
Invalidate all group records. This option overrides invalidation of specific group if it was also set.
-n,--netgroup netgroup
Invalidate specific netgroup.
-N,--netgroups
Invalidate all netgroup records. This option overrides invalidation of specific netgroup if it was also set.
-s,--service service
Invalidate specific service.
-S,--services
Invalidate all service records. This option overrides invalidation of specific service if it was also set.
-a,--autofs-map autofs-map
Invalidate specific autofs maps.
-A,--autofs-maps
Invalidate all autofs maps. This option overrides invalidation of specific map if it was also set.
-d,--domain domain
Restrict invalidation process only to a particular domain.
-?,--help
Display help message and exit.
SEE ALSO
sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8),
sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8),
sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),pam_sss(8).
AUTHORS
The SSSD upstream - http://fedorahosted.org/sssd
SSSD
06/17/2014 SSS_CACHE(8)