Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris user auditing
Operating Systems Solaris Solaris user auditing Post 302455198 by DukeNuke2 on Tuesday 21st of September 2010 04:48:26 AM
Old 09-21-2010
if the user doesn't disable auditing... you can. a better option would bei "RBAC" for a finer granularity in user rights. so you can have a user with almost root capability, just without the right to mess with auditing.

http://docs.sun.com/app/docs/doc/816...8?l=all&a=view
 

10 More Discussions You Might Find Interesting

1. AIX

Auditing User administrator

Background: I a trying to audit user administration on a AIX box. I am trying to make sure that any changes made by the System administrator to the user accounts (Add users, changing their attributes or deleting users) are accompanied by authorization i.e. the system admin does not make any... (0 Replies)
Discussion started by: gladiator
0 Replies

2. AIX

User Auditing

i want to audit user commands .. keep track of what commands each user has been giving .. can this be done by writing a script in engraving it in .profile of the user. or is there any other way of doing this ... rgds raj (2 Replies)
Discussion started by: rajesh_149
2 Replies

3. HP-UX

Auditing User's actions

Hi all I hope to find what i'm looking for in this forum as said in the topic i want to track user's actions on the system. i mean also the action of moving or removing files. I have an HP 9000 with HP UX 11i. the users log on the HP from a terminal window under WIndows XP Thx (3 Replies)
Discussion started by: Timberland
3 Replies

4. UNIX for Dummies Questions & Answers

solaris BSM and Auditing

Hi Guys, I am new to this forum so I am sorry if i posted this thread in the wrong place. I am currently trying to get BSM to work on solaris 10 by Logging few things for me. I need your help to complete this task please. this is the config of the audit files: audit_conto # Copyright... (18 Replies)
Discussion started by: skywalker850i
18 Replies

5. Solaris

Solaris 9 Auditing

How do I setup audit to alert on write conditions for individual files? Thanks. (3 Replies)
Discussion started by: dxs
3 Replies

6. UNIX for Advanced & Expert Users

File Auditing in Sun Solaris environment

Hi All, I have a requirement to report us on changing a group of static files. Those are the binary files that run in Production every day. Due to the in sercure environment situations, I found many are indulging in there own changes to the binaries by doing some changes in the souce code. ... (1 Reply)
Discussion started by: mohan_kumarcs
1 Replies

7. Shell Programming and Scripting

Script for Oracle user activity auditing

Hi All, I need to put in place a UNIX shell script that calls three sql scripts & reports to the DBAs. I already have the three sql scripts in place & they perform the following database auditing actions: 1. actions.sql This script queries the DBA_AUDIT _TRAIL table to look for database user... (2 Replies)
Discussion started by: divroro12
2 Replies

8. Shell Programming and Scripting

user auditing

Hello, is there some way to track what shell commands some user is executing ? Something like to have some log file where i could see what commands some user used, e.g. rm -r dirname , ls -l .... and so on ... I have 2.6.13-1.1526_FC4smp (9 Replies)
Discussion started by: tonijel
9 Replies

9. AIX

User auditing from AIX server

I am trying to find out the information of my local desktop when i use putty to login to an AIX server. This is what I do: 1. login to my PC 2. take a putty session to an AIX server Can i get information of my local desktop from the AIX server ? Is there a command available ? Thanks (8 Replies)
Discussion started by: Nagesh_1985
8 Replies

10. Solaris

Exclude an specific directory for auditing in Solaris 10

Hello, Im glad to become a member of this forums, Im new on solaris and recentrly im introducing to use auditing service in that system. The need is, that I need how to exclude a directory to the audit service not audit it. And, a plus, I need of how to disable auditing the root user in... (0 Replies)
Discussion started by: sysh4ck
0 Replies

LEARN ABOUT HPUX

audswitch

audswitch(2)							System Calls Manual						      audswitch(2)

NAME

       audswitch() - suspend or resume auditing on the current process

SYNOPSIS

DESCRIPTION

       suspends or resumes auditing within the current process.  This call is restricted to users with the privilege.

       One of the following flags must be used for aflag:

	  Suspend auditing on the current process.

	  Resume auditing on the current process.

       can be used in processes with the privilege to temporarily suspend auditing during intervals where auditing is to be handled by the process
       itself.	Auditing is suspended by a call to with the parameter and resumed later by a call to with the parameter.

       An call to resume auditing serves only to reverse the action of a previous call to suspend auditing.  A call to	to  resume  auditing  when
       auditing is not suspended has no effect.

       affects	only  the current process.  For example, cannot suspend auditing for processes from the current process.  (Use (see setaudproc(2))
       to enable or disable auditing for a process and its children).

   Security Restrictions
       Some or all of the actions associated with this system call require the privilege.  Processes owned by the superuser have  this	privilege.
       Processes  owned  by  other users may have this privilege, depending on system configuration.  See privileges(5) for more information about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       Upon successful completion, returns If an error occurs, is returned and the global variable is set to indicate the error.

ERRORS

       fails if one of the following is true:

       The user does not possess the
		      privilege.

       The input parameter is neither
		      nor

AUTHOR

       was developed by HP.

SEE ALSO

       audevent(1M), audusr(1M), setaudproc(2), audit(5), privileges(5).

																      audswitch(2)
All times are GMT -4. The time now is 11:19 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy