Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: RBAC & Logging
Operating Systems Solaris RBAC & Logging Post 302402293 by bitlord on Tuesday 9th of March 2010 10:47:09 AM
Old 03-09-2010
RBAC & Logging
I'm trying to set up RBAC, and I need to know where the logs for RBAC are.
I'm using Solaris 10 as my OS.
I've been reading a lot of documents online and just can't seem to find where the related logs are.

My problem is I need to be able to track a user when they su to a role profile, and what commands they use.

If there are no RBAC logs I may have to set up audit logs. I have never done this.

Any help would be great.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

RBAC logging

Hi gurus: I have not come accross any links on the internet that shows how to set up logging in RBAC and also is it possible to get the granularity and simplicity of sudo logging in RBAC. I have heard that RBAC logs are complicated to read and not as simple and granular as sudo logs. Your help... (0 Replies)
Discussion started by: geomonap
0 Replies

2. Solaris

Rbac

I am trying to let user asillitoe su to the godbrook role to execute commands. I have editted files as follows: user_attr: asillito::::type=normal;roles=godbrook godbrook::::type=role;profiles=Gadbrook,All prof_attr: Gadbrook:::Allow root commands to be used by godbrook: exec_attr:... (0 Replies)
Discussion started by: chrisdberry
0 Replies

3. Solaris

RBAC Help

do i have to create a new account to add a role? i want the sysadmin login i have 3 users on my systems sysadmin secman oc01 also 3 profiles SA (goes t0 sysadmin account) SSO (goes to secman account) LMICS (goes to oc01 account) the user accounts are located in /h/USERS/local the... (4 Replies)
Discussion started by: deaconf19
4 Replies

4. UNIX for Dummies Questions & Answers

Unix Rbac

Can anyone help me on "How to change Unix to support RBAC policy"? (4 Replies)
Discussion started by: JPoroo
4 Replies

5. Solaris

rbac problem.

Hi all! On backup server with contab my script worked, but one command don't fine to be executed: bash-3.00$ scp itadmin@172.17.0.44:/export/backups/* /bckp1/opencms/bcp_`date +%Y%m%d`/ www-zone.cfg 100%... (0 Replies)
Discussion started by: sotich82
0 Replies

6. Solaris

Difference between sudo & RBAC

Hello Everybody I would like to know any major difference between sudo & RBAC as I am bit familiar with RBAC but not with sudo (2 Replies)
Discussion started by: girish.batra
2 Replies

7. HP-UX

RBAC question

hi every one i tried rbac and i made 1- role called GizaRoot 2- group called gizagroup 3- added privlage autherization called "m.k" /usr/sbin/useradd:dflt:(m.k,*):0/0//:dflt:dflt:dflt: i assigned the role to group and add user to that group then su to user and tried to use the command ... (0 Replies)
Discussion started by: maxim42
0 Replies

8. Solaris

Sol10 + OpenLDAP = excessive logging & full file system??!!

Hello all, new to this forum (member of many others). Hopefully I can find help here. SERVER: Brand new server Oracle Enterprise SPARC T4-1 Loaded Solaris SPARC 10 u10, patched to 147440-27 Loaded OpenLDAP v2.4.30 Loaded Berkley DB 4.7.25.NC Loaded OpenSSL 1.0.1c Note: All packages are... (2 Replies)
Discussion started by: Wraith_G2IC
2 Replies

9. Linux

Syslog not logging successful logging while unlocking server's console

When unlocking a Linux server's console there's no event indicating successful logging Is there a way I can fix this ? I have the following in my rsyslog.conf auth.info /var/log/secure authpriv.info /var/log/secure (1 Reply)
Discussion started by: walterthered
1 Replies

10. Solaris

Connection Logging in Solaris 10 & 11 - Beginner

Excuse my ignorance as I am very new to working with Solaris. I'm looking for documentation on how to create a network log in Solaris 10 & 11. I don't wish to edit any of the logs currently the system. I simply want a log that will capture all incoming IP addresses and log them with a time-in... (8 Replies)
Discussion started by: FamousAv8er
8 Replies

LEARN ABOUT OSF1

audit_setup

auditconfig(8)						      System Manager's Manual						    auditconfig(8)

NAME

       auditconfig, audit_setup - Audit subsystem configuration graphical interface (Enhanced Security)

SYNOPSIS

       /usr/sbin/sysman auditconfig

       NOTE:  The audit_setup utility has been replaced by the auditconfig graphical interface.

DESCRIPTION

       The  graphical  user interface is used interactively to establish the audit environment on your system.	The interface can be selected from
       the Sysman menu, syman_station (including PC clients), or it can be started from the command line.  See the sysman(8) and  syman_station(8)
       reference pages for more details.

       If  a  kernel  rebuild is required as part of the configuration, auditconf guides the user through the rebuild and reboot.  The auditconfig
       interface configures the following aspects of the audit subsystem: Location of the audit logs.  The /var/audit/ directory  is  the  default
       area.   Action  for  the  audit subsystem to take if the file space allocated for audit logs is exhausted.  Trimming of audit logs.  Enable
       accepting audit data from remote systems.  Select the profiles/categories of events to be audited.  Include environment strings with an	or
       system call.

       You must be root to run

FILES

       /etc/sec/event_aliases
	      A set of aliases by which logically related groupings of events can be constructed.  You can modify this set of aliases to suit your
	      site's requirements.

       /etc/sec/auditmask_style
	      Auditmask style selections.

       /etc/sec/auditd_clients
	      A list of hosts from which audit data can be accepted.

       /etc/sec/auditd_loc
	      A list of alternative locations in which auditd stores audit data when an overflow condition is reached.

       /etc/sec/audit_events
	      A list of all security-relevant system calls and trusted (application) events.  You can modify this file or use it as a template.

       /etc/sec/file_objects/*
	      The list of files that auditconfig used to enable object selection or deselection.

       /etc/rc.config.common
	      The cluster-wide rc variables for the audit subsystem.

       /etc/sec/rc_audit_events
	      Used for input to for audit events during system initialization.

       /etc/sec/fs_objects
	      Created when object (de)selection is derived from a profile(category).  It contains the selected profile's entries of file objects.

RELATED INFORMATION

       Commands: auditmask(8), auditd(8), sysman(8), sysman_station(8)
       Security, System Administration delim off

																    auditconfig(8)
All times are GMT -4. The time now is 11:46 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy