Auditing issue is very detailed state..I according to me you must decide exaclty what objects will be in your audit records and you must run audit this form..
You can look in this page howto this
And so you can configure some flags like below in your audit conf (audit_control )
Code:
no = no_class
fr = file_read
fw = file_write
fa = file_attr_acc
fm = file_attr_mod
fc = file_creation
fd = file_deletion
dl = file_close
pc = process
nt = network
ip = ipc
na = non_attrib
ad = administrative
lo = login_logout
ap = application
io = ioctl
ex = exec
to = other
all = all
I was just going thru the auditing script ..
2 questions pop in mind .. Why did they move S81volmgmt .. What is the logic behind not loading it ..
2) Why the purpose of the device allocate entries (2 Replies)
Background:
I a trying to audit user administration on a AIX box. I am trying to make sure that any changes made by the System administrator to the user accounts (Add users, changing their attributes or deleting users) are accompanied by authorization i.e. the system admin does not make any... (0 Replies)
i want to audit user commands ..
keep track of what commands each user has been giving ..
can this be done by writing a script in engraving it in .profile of the user.
or is there any other way of doing this ...
rgds
raj (2 Replies)
Hi all
I hope to find what i'm looking for in this forum
as said in the topic i want to track user's actions on the system. i mean also the action of moving or removing files. I have an HP 9000 with HP UX 11i. the users log on the HP from a terminal window under WIndows XP
Thx (3 Replies)
:)I need a little help. I have sent all of our logs to our log server, but I can't send the audit logs that are in /var/log/audit.log. Can someone give me some type of idea to transfer these logs.
Thank You (2 Replies)
Hi All,
I need to put in place a UNIX shell script that calls three sql scripts & reports to the DBAs.
I already have the three sql scripts in place & they perform the following database auditing actions:
1. actions.sql
This script queries the DBA_AUDIT _TRAIL table to look for database user... (2 Replies)
Hello,
I was wondering when Solaris auditing is enabled, If it is possible to keep track of users that are allowed to sudo to root. In other words, I would like to know which user did what on my Solaris box. (assumig that user can "sudo su -" )
Thanks. (2 Replies)
In our customer place somebody removed and PV from the server. I want the information like which user removed this PV.
Is there any way to get PV removal information.
When did the PV removed from the server ?
Whether AIX auding will help ?
Where i can get these information ?
Thank... (2 Replies)
I am trying to find out the information of my local desktop when i use putty to login to an AIX server.
This is what I do:
1. login to my PC
2. take a putty session to an AIX server
Can i get information of my local desktop from the AIX server ? Is there a command available ?
Thanks (8 Replies)
Discussion started by: Nagesh_1985
8 Replies
LEARN ABOUT OPENSOLARIS
pfexec
pfexec(1) User Commands pfexec(1)NAME
pfexec, pfsh, pfcsh, pfksh - execute a command in a profile
SYNOPSIS
/usr/bin/pfexec command
/usr/bin/pfexec -P privspec command [ arg ]...
/usr/bin/pfsh [ options ] [ argument ]...
/usr/bin/pfcsh [ options ] [ argument ]...
/usr/bin/pfksh [ options ] [ argument ]...
DESCRIPTION
The pfexec program is used to execute commands with the attributes specified by the user's profiles in the exec_attr(4) database. It is
invoked by the profile shells, pfsh, pfcsh, and pfksh which are linked to the Bourne shell, C shell, and Korn shell, respectively.
Profiles are searched in the order specified in the user's entry in the user_attr(4) database. If the same command appears in more than one
profile, the profile shell uses the first matching entry.
The second form, pfexec -P privspec, allows a user to obtain the additional privileges awarded to the user's profiles in prof_attr(4). The
privileges specification on the commands line is parsed using priv_str_to_set(3C). The resulting privileges are intersected with the union
of the privileges specified using the "privs" keyword in prof_attr(4) for all the user's profiles and added to the inheritable set before
executing the command.
USAGE
pfexec is used to execute commands with predefined process attributes, such as specific user or group IDs.
Refer to the sh(1), csh(1), and ksh(1) man pages for complete usage descriptions of the profile shells.
EXAMPLES
Example 1 Obtaining additional user privileges
example% pfexec -P all chown user file
This command runs chown user file with all privileges assigned to the current user, not necessarily all privileges.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
1 An error occurred.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
SEE ALSO csh(1), ksh(1), profiles(1), sh(1), exec_attr(4), prof_attr(4), user_attr(4), attributes(5)SunOS 5.11 3 Mar 2003 pfexec(1)