|
|
Sponsored Content
Operating Systems
AIX
Tracking Root commands
Post 302475298 by frank_rizzo on Saturday 27th of November 2010 08:31:02 PM
11-27-2010
|
|
10 More Discussions You Might Find Interesting
1. Solaris
Hello all,
I am having a problem with a Solaris 8 machine. Since 3 days ago I can´t login as root. I am able to login as a normal user and su. But as soon as I issue any command the system stop responding. If I log again as a normal user I see the process still runnig.
Something I noticed,... (1 Reply)
Discussion started by: kik_xxx
1 Replies
2. UNIX for Dummies Questions & Answers
Hi
I am working on LINUX shell scripting. I have root privileges and I know some basic root/admin commands like user creation, modification and so on. Till last week i was able to create users but now i am not able to create users or groups. When I give the command i got an error as ... (6 Replies)
Discussion started by: naina
6 Replies
3. UNIX for Advanced & Expert Users
I have to write a script (not C based) that allows to capture of all commands issued by the user “root”.
First, I tried to monitor the .bash_history but the commands are written in chunk after the .bash_history is closed.
How can I capture the commands in Real-Time without waiting root to... (4 Replies)
Discussion started by: elieifrah@gmail
4 Replies
4. HP-UX
Hi
I have been asked to find out how to
1) create users
2) reset passwords
3) kill processes that may require root privileges
without having root password, sudo rights or rights to passwd command
Any ideas?
Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies
5. Cybersecurity
Can any one help me with a script, which runs in background and mails me all the commands entered by root on any terminal for every hour. We have multiple people having root access on the server and creating a mess,i just wanted to monitor all the activity of the root. (13 Replies)
Discussion started by: vishnu787
13 Replies
6. UNIX for Dummies Questions & Answers
Hi everyone hope you can help me
i have 5 root users and the problem with that is how can you see
witch root user did what on the box how can you track the users that
played on the servers.
1) What commands they typed (in linux you get history )
2) From witch ip did they connect to the server (3 Replies)
Discussion started by: sucram
3 Replies
7. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
8. Shell Programming and Scripting
is it possible that we can restrict the root user if he runs some commands?? e.g i want if root runs command 'rm etc/passwd', he shoudn't be able to run command and throws error :confused: (3 Replies)
Discussion started by: sheelsadan
3 Replies
9. Shell Programming and Scripting
Hello I have a script which is working fine so far to generate HTML file. Now i am wondering how do i include a syntax where it can change itself to root user and execute a specific commands as root user.
Please help, Thanks in advance.
-Siddhesh (2 Replies)
Discussion started by: Siddheshk
2 Replies
10. HP-UX
All team members has sudo access to user "batch55".
Need to track all the commands used by team members after sudo to "batch55".
Using HP-UX and ksh shell in our environment.
How can i acheive this?
Thanks In Advance. (2 Replies)
Discussion started by: venkatababu
2 Replies
LEARN ABOUT HPUX
audit
audit(4) Kernel Interfaces Manual audit(4) NAME
audit - audit trail format and other information for auditing DESCRIPTION
Audit records are generated when users make security-relevant system calls, as well as by self-auditing processes that call (see aud- write(2)). Access to the auditing system is restricted to super-user. Each audit record consists of an audit record header and a record body. The record header is comprised of sequence number, process ID, event type, and record body length. The sequence number gives relative order of all records; the process ID belongs to the process being audited; the event type is a field identifying the type of audited activity; the length is the record body length expressed in bytes. The record body is the variable-length component of an audit record containing more information about the audited activity. For records generated by system calls, the body contains the time the audited event completes in either success or failure, and the parameters of the system calls; for records generated by self-auditing processes, the body consists of the time audwrite(2) writes the records and the high- level description of the event (see audwrite(2)). The records in the audit trail are compressed to save file space. When a process is audited the first time, a pid identification record (PIR) is written into the audit trail containing information that remains constant throughout the lifetime of the process. This includes the parent's process ID, audit tag, real user ID, real group ID, effective user ID, effective group ID, group ID list, effective, permit- ted, and retained privileges, compartment ID, and the terminal ID (tty). The PIR is entered only once per process per audit trail. Information accumulated in an audit trail is analyzed and displayed by (see audisp(1M)). AUTHOR
was developed by HP. SEE ALSO
audsys(1M), audevent(1M), audisp(1M), audomon(1M), audwrite(2), audit(5), compartments(5), privileges(5). audit(4)