Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: audit user commands of different users under root account
Top Forums UNIX for Advanced & Expert Users audit user commands of different users under root account Post 302431412 by pointgetter0 on Monday 21st of June 2010 10:35:06 PM
Old 06-21-2010
Can you suggest any auditing facility that I may use wherein I can pinpoint the root user and the commands he/she inputs? Also, is possible to automate that system's auditing process?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

create or modify user account to have same access as root

Is there a way to create or better yet modify a user account so it has the same privs as root? (6 Replies)
Discussion started by: xadamz23
6 Replies

2. UNIX for Dummies Questions & Answers

Modify Root user account ?

How can I modify Root account ? (I want to change the default shell after logging in) Thanks (3 Replies)
Discussion started by: hitlermom
3 Replies

3. UNIX for Dummies Questions & Answers

How to reactivate expired account in Linux as a root user

I am an administrator of a Red Hat Enterprise Linux system. Now one account expired. I wonder how to reactivate the account. Thanks (2 Replies)
Discussion started by: cy163
2 Replies

4. HP-UX

user commands without root access

Hi I have been asked to find out how to 1) create users 2) reset passwords 3) kill processes that may require root privileges without having root password, sudo rights or rights to passwd command Any ideas? Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies

5. Debian

password less login to root from a user account

hello friends, one user is created named "user1" I login as "user1" . Now when i do "su -" to be root user I have to give password for root . Is there any way through which we can skip giving the password to root. i.e. user1@work:~$ su - Password: xxxxxx work:~$ I don't want that... (1 Reply)
Discussion started by: pradeepreddy
1 Replies

6. UNIX for Dummies Questions & Answers

How to allow access to some commands having root privleges to be run bu non root user

hi i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies

7. Red Hat

startx by non-root user account in red hat linux kernel 2.6

How can I use the command "startx" by other user account such as "oracle" ?? I cannot startx by user account oracle ?? How to fix it ??? Any adivce ??? I use red hat linux kernel 2.6 $ startx Fatal server error: PAM authentication failed, cannot start X server. Perhaps you do... (0 Replies)
Discussion started by: chuikingman
0 Replies

8. Solaris

How to see the root information from user loging account?

Hi friends when ever user tried to loging to the server from the user account.we can see the from who -u command.this was fine shut@erpqas $ who -u ipadmin pts/1 Mar 18 16:05 old 157 (10.5.23.74) ipadmin pts/3 Mar 19 08:29 old 11076 ... (3 Replies)
Discussion started by: tv.praveenkumar
3 Replies

9. SuSE

Allow multiple users to run several root commands

I am using SUSE Linux Enterprise Server 10 SP2 (i586) and I had earlier ammended my sudoers file to allow users to become root user with "sudo su - " command Now I am trying to add multiple users to the sudoers file to run several commands such as restarting the server, restarting the nagios... (9 Replies)
Discussion started by: hedkandi
9 Replies

10. UNIX for Dummies Questions & Answers

Not able to switch to other users using su -user from root

Hi all, I have a small problem. When I log in as root and try to switch to any other user using su -user, then it is giving an error saying libncurses.so permission denied. Can you help me? Thank you in advance. Sai. (1 Reply)
Discussion started by: sai2krishna
1 Replies

LEARN ABOUT HPUX

audswitch

audswitch(2)							System Calls Manual						      audswitch(2)

NAME

       audswitch() - suspend or resume auditing on the current process

SYNOPSIS

DESCRIPTION

       suspends or resumes auditing within the current process.  This call is restricted to users with the privilege.

       One of the following flags must be used for aflag:

	  Suspend auditing on the current process.

	  Resume auditing on the current process.

       can be used in processes with the privilege to temporarily suspend auditing during intervals where auditing is to be handled by the process
       itself.	Auditing is suspended by a call to with the parameter and resumed later by a call to with the parameter.

       An call to resume auditing serves only to reverse the action of a previous call to suspend auditing.  A call to	to  resume  auditing  when
       auditing is not suspended has no effect.

       affects	only  the current process.  For example, cannot suspend auditing for processes from the current process.  (Use (see setaudproc(2))
       to enable or disable auditing for a process and its children).

   Security Restrictions
       Some or all of the actions associated with this system call require the privilege.  Processes owned by the superuser have  this	privilege.
       Processes  owned  by  other users may have this privilege, depending on system configuration.  See privileges(5) for more information about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       Upon successful completion, returns If an error occurs, is returned and the global variable is set to indicate the error.

ERRORS

       fails if one of the following is true:

       The user does not possess the
		      privilege.

       The input parameter is neither
		      nor

AUTHOR

       was developed by HP.

SEE ALSO

       audevent(1M), audusr(1M), setaudproc(2), audit(5), privileges(5).

																      audswitch(2)
All times are GMT -4. The time now is 08:30 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy