Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: audit user commands of different users under root account
Top Forums UNIX for Advanced & Expert Users audit user commands of different users under root account Post 302431412 by pointgetter0 on Monday 21st of June 2010 10:35:06 PM
Old 06-21-2010
Can you suggest any auditing facility that I may use wherein I can pinpoint the root user and the commands he/she inputs? Also, is possible to automate that system's auditing process?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

create or modify user account to have same access as root

Is there a way to create or better yet modify a user account so it has the same privs as root? (6 Replies)
Discussion started by: xadamz23
6 Replies

2. UNIX for Dummies Questions & Answers

Modify Root user account ?

How can I modify Root account ? (I want to change the default shell after logging in) Thanks (3 Replies)
Discussion started by: hitlermom
3 Replies

3. UNIX for Dummies Questions & Answers

How to reactivate expired account in Linux as a root user

I am an administrator of a Red Hat Enterprise Linux system. Now one account expired. I wonder how to reactivate the account. Thanks (2 Replies)
Discussion started by: cy163
2 Replies

4. HP-UX

user commands without root access

Hi I have been asked to find out how to 1) create users 2) reset passwords 3) kill processes that may require root privileges without having root password, sudo rights or rights to passwd command Any ideas? Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies

5. Debian

password less login to root from a user account

hello friends, one user is created named "user1" I login as "user1" . Now when i do "su -" to be root user I have to give password for root . Is there any way through which we can skip giving the password to root. i.e. user1@work:~$ su - Password: xxxxxx work:~$ I don't want that... (1 Reply)
Discussion started by: pradeepreddy
1 Replies

6. UNIX for Dummies Questions & Answers

How to allow access to some commands having root privleges to be run bu non root user

hi i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies

7. Red Hat

startx by non-root user account in red hat linux kernel 2.6

How can I use the command "startx" by other user account such as "oracle" ?? I cannot startx by user account oracle ?? How to fix it ??? Any adivce ??? I use red hat linux kernel 2.6 $ startx Fatal server error: PAM authentication failed, cannot start X server. Perhaps you do... (0 Replies)
Discussion started by: chuikingman
0 Replies

8. Solaris

How to see the root information from user loging account?

Hi friends when ever user tried to loging to the server from the user account.we can see the from who -u command.this was fine shut@erpqas $ who -u ipadmin pts/1 Mar 18 16:05 old 157 (10.5.23.74) ipadmin pts/3 Mar 19 08:29 old 11076 ... (3 Replies)
Discussion started by: tv.praveenkumar
3 Replies

9. SuSE

Allow multiple users to run several root commands

I am using SUSE Linux Enterprise Server 10 SP2 (i586) and I had earlier ammended my sudoers file to allow users to become root user with "sudo su - " command Now I am trying to add multiple users to the sudoers file to run several commands such as restarting the server, restarting the nagios... (9 Replies)
Discussion started by: hedkandi
9 Replies

10. UNIX for Dummies Questions & Answers

Not able to switch to other users using su -user from root

Hi all, I have a small problem. When I log in as root and try to switch to any other user using su -user, then it is giving an error saying libncurses.so permission denied. Can you help me? Thank you in advance. Sai. (1 Reply)
Discussion started by: sai2krishna
1 Replies

LEARN ABOUT HPUX

setaudproc

setaudproc(2)							System Calls Manual						     setaudproc(2)

NAME

       setaudproc() - controls process level auditing for the current process and its decendents

SYNOPSIS

DESCRIPTION

       controls  process  level  auditing for the current process and its decendents.  It accomplishes this by setting or clearing the flag in the
       area of the calling process.  When this flag is set, the system audits the process; when it is cleared, the process is not  audited.   This
       call is restricted to users with the privilege.

       One of the following flags must be used for aflag:

	      Audit the calling process and its decendents.
	      Do not audit the calling process and its decendents.

       The  flag  is  inherited by the descendents of a process.  consequently, the effect of a call to is not limited to the current process, but
       propagates to all its decendents as well.  For example, if is called with the flag, all subsequent audited  system  calls  in  the  current
       process are audited until is called with the flag.

       Further,  performs its action regardless of whether the user executing the process has been selected to be audited or not.  For example, if
       is called with the (or the flag, all subsequent audited system calls will be audited (or not audited), regardless of whether the user  exe-
       cuting the process has been selected for auditing or not.

       Due  to	these features, should not be used in most self-auditing applications.	should be used (see audswitch(2)) when the objective is to
       suspend auditing within a process without affecting its decendents or overriding the user selection aspect of the auditing system.

   Security Restrictions
       Some or all of the actions associated with this system call require the privilege.  Processes owned by the superuser have  this	privilege.
       Processes  owned  by  other users may have this privilege, depending on system configuration.  See privileges(5) for more information about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       Upon successful completion, returns 0; otherwise, it returns -1 and sets to indicate the error.

AUTHOR

       was developed by HP.

SEE ALSO

       audevent(1M), audusr(1M), audswitch(2), getaudproc(2), audit(5), privileges(5).

																     setaudproc(2)
All times are GMT -4. The time now is 02:54 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy