09-22-2010
Well, I am also using RBAC with LDAP auth. This is not the case.
We have 3rd party application that needs root (userid 0) acount to be managed. So we grant related users "sudo su -" permission. What I am trying to find is when two or more users are logged in and switched to root, how could I determine which user (with root account) did what ?
---------- Post updated 09-22-10 at 09:00 AM ---------- Previous update was 09-21-10 at 12:07 PM ----------
Hi again,
I figured out a solution as follows:
Each login via ssh is logged as an entry in /var/adm/lastlog, I could see it using "last" command. So I know which user is connected to which terminal, like "pts/2". So, if I can log shell history with the terminal information then I could easily find which command is executed by which user.
Am I missing anything that should be taken into account ?
10 More Discussions You Might Find Interesting
1. AIX
Background:
I a trying to audit user administration on a AIX box. I am trying to make sure that any changes made by the System administrator to the user accounts (Add users, changing their attributes or deleting users) are accompanied by authorization i.e. the system admin does not make any... (0 Replies)
Discussion started by: gladiator
0 Replies
2. AIX
i want to audit user commands ..
keep track of what commands each user has been giving ..
can this be done by writing a script in engraving it in .profile of the user.
or is there any other way of doing this ...
rgds
raj (2 Replies)
Discussion started by: rajesh_149
2 Replies
3. HP-UX
Hi all
I hope to find what i'm looking for in this forum
as said in the topic i want to track user's actions on the system. i mean also the action of moving or removing files. I have an HP 9000 with HP UX 11i. the users log on the HP from a terminal window under WIndows XP
Thx (3 Replies)
Discussion started by: Timberland
3 Replies
4. UNIX for Dummies Questions & Answers
Hi Guys,
I am new to this forum so I am sorry if i posted this thread in the wrong place. I am currently trying to get BSM to work on solaris 10 by Logging few things for me. I need your help to complete this task please.
this is the config of the audit files:
audit_conto
# Copyright... (18 Replies)
Discussion started by: skywalker850i
18 Replies
5. Solaris
How do I setup audit to alert on write conditions for individual files? Thanks. (3 Replies)
Discussion started by: dxs
3 Replies
6. UNIX for Advanced & Expert Users
Hi All,
I have a requirement to report us on changing a group of static files.
Those are the binary files that run in Production every day.
Due to the in sercure environment situations, I found many are indulging in there own changes to the binaries by doing some changes in the souce code.
... (1 Reply)
Discussion started by: mohan_kumarcs
1 Replies
7. Shell Programming and Scripting
Hi All,
I need to put in place a UNIX shell script that calls three sql scripts & reports to the DBAs.
I already have the three sql scripts in place & they perform the following database auditing actions:
1. actions.sql
This script queries the DBA_AUDIT _TRAIL table to look for database user... (2 Replies)
Discussion started by: divroro12
2 Replies
8. Shell Programming and Scripting
Hello,
is there some way to track what shell commands some user is executing ?
Something like to have some log file where i could see what commands some user used, e.g. rm -r dirname , ls -l .... and so on ...
I have 2.6.13-1.1526_FC4smp (9 Replies)
Discussion started by: tonijel
9 Replies
9. AIX
I am trying to find out the information of my local desktop when i use putty to login to an AIX server.
This is what I do:
1. login to my PC
2. take a putty session to an AIX server
Can i get information of my local desktop from the AIX server ? Is there a command available ?
Thanks (8 Replies)
Discussion started by: Nagesh_1985
8 Replies
10. Solaris
Hello,
Im glad to become a member of this forums,
Im new on solaris and recentrly im introducing to use auditing service in that system.
The need is, that I need how to exclude a directory to the audit service not audit it.
And, a plus, I need of how to disable auditing the root user in... (0 Replies)
Discussion started by: sysh4ck
0 Replies
LEARN ABOUT OSF1
suninstall
suninstall(1M) System Administration Commands suninstall(1M)
NAME
suninstall - install the Solaris operating system
SYNOPSIS
suninstall
DESCRIPTION
install-solaris(1M) is now the preferred command for starting and restarting the Solaris Installation program. It should be used instead of
suninstall. suninstall is symbolically linked to install-solaris.
suninstall is a forms-based and graphical subsystem for installing the operating system.
suninstall exists only on the Solaris installation media (CD or DVD) and should only be invoked from there. Refer to the Solaris 10 Instal-
lation Guide: Basic Installations for more details.
suninstall allows installation of the operating system onto any standalone system. suninstall loads the software available on the installa-
tion media. Refer to the Solaris 10 Installation Guide: Basic Installations for disk space requirements.
USAGE
Refer to the Solaris 10 Installation Guide: Basic Installations for more information on the various menus and selections.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcdrom (Solaris instal- |
| |lation media) |
+-----------------------------+-----------------------------+
SEE ALSO
pkginfo(1), install(1M), install-solaris(1M), pkgadd(1M), attributes(5)
Solaris 10 Installation Guide: Basic Installations
NOTES
It is advisable to exit suninstall by means of the exit options in the suninstall menus.
SunOS 5.10 9 Sep 2004 suninstall(1M)