12-04-2010
sudo log and sudo auditing
Sudo In AIX, how to find out what commands have been run after a user sudo to another user? for example, user sam run 'sudo -u robert ksh' then run some commands, how can I (as root) find what commands have been run?
sudo.log only contains sudo event, no activity logging.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
folks;
I just did setup sudo on Solaris 10 through "sudoer" file.
Now, i try to look at the log files to see any user activities under /var/log/syslog & all i see if someone try to run "sudo -u root tcsh" & got an error or was successful. But i don't see any activities, for example:
if a user... (0 Replies)
Discussion started by: Katkota
0 Replies
2. UNIX for Dummies Questions & Answers
Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks!
When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error:
exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies
3. Cybersecurity
we are looking at changing the way we get root on our network.
in our current system if an admin needs root access he just gets the root password and uses an su.
some of our staff have decided that a sudo to "/bin/sh" will be easer.
some of our staff think a sudo to "su -" will be better.
I... (0 Replies)
Discussion started by: robsonde
0 Replies
4. Shell Programming and Scripting
I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this:
#!/bin/bash
rsync /path/on/local/machine/ foo.com:path/on/remote/machine/
ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies
5. UNIX for Advanced & Expert Users
Hello,
Is it possible to configure the sudo log to register the logname instead of
the username?
I mean, if user A logs and su (switch user) to user B and then uses SUDO
to execute commands, the log will register actions of user B. What I need
is to register these actions as being executed... (1 Reply)
Discussion started by: crematoriumm
1 Replies
6. Shell Programming and Scripting
Hi All,
I running a unix command using sudo option inside shell script. Its working well. But in crontab the same command is not working and its throwing
"sudo: sorry, you must have a tty to run sudo". I do not have root permission to add or change settings for my userid. I can not even ask... (9 Replies)
Discussion started by: Apple1221
9 Replies
7. Shell Programming and Scripting
Hi, Have a need to run the below command as a "karuser" from a java class which will is running as "root" user. When we are trying to run the below command from java code getting the below error.
Command:
sudo -u karuser -s /bin/bash /bank/karunix/bin/build_cycles.sh
Error:
sudo: sorry,... (8 Replies)
Discussion started by: Satyak
8 Replies
8. UNIX for Dummies Questions & Answers
hi,
i have installed sudo now want to create sudo log file to capture every sudo event like "if any user does sudo and then runs a command line, this all must be captured who did what" kindly assist
plantform:- linux RHEL, soalris 10 (1 Reply)
Discussion started by: firozk679
1 Replies
9. Shell Programming and Scripting
It is crazy when you just entered a command example sudo or su or even ps. It will flood your /var/log/messages. Please see duplicate entries except for the pid. At 1 specific time.
Thanks
$ cat b
Jan 13 17:09:05 SERVER1 bash: user1 as root:
Jan 13 17:09:05 SERVER1 bash: user1 as root:
Jan... (3 Replies)
Discussion started by: invinzin21
3 Replies
LEARN ABOUT MOJAVE
heimdal_debug
heimdal_debug(5) BSD File Formats Manual heimdal_debug(5)
NAME
heimdal_debug -- how to turn on/off debugging for Kerberos tools
DESCRIPTION
The heimdal_debug kerberos frameworks have several knobs for controlling logging. The different framework knobs are:
libkrb
The Kerberos library, some gss-api Kerberos output ends up here too
kcm the kcm library (credentials cache, ntlm client)
kdc the kerberos KDC output
digest-service
the digest service (ntlm server)
CONFIGURATION FILE
[logging]
<subsystem> = 0-/SYSLOG:
and watch syslog for logging information.
APPLE MAC OS X
First turn up syslog debugging
sudo syslog -c 0 -d
then you can see the syslog output in Console.app or by running
syslog -w -k org.h5l.asl
To enable more extensive debugging logging for each subsystem, use the following commands:
Kerberos Library
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add krb5 '0-/OSLOG:normal:'
digest-server
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add digest-service '0-/OSLOG:normal:'
kcm sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kcm '0-/OSLOG:normal:'
kdc sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kdc '0-/OSLOG:normal:'
MIT Kerberos Shim
defaults write com.apple.MITKerberosShim EnableDebugging -bool true
GSS-API framework logging
sudo defaults write /Library/Preferences/com.apple.GSS DebugLevel -int 10
Other options on Mac OS X
Make the admin API pretend to the server even on client
sudo defaults write /Library/Preferences/com.apple.Kerberos ForceHeimODServerMode -bool true
SEE ALSO
gss(5), kerberos(8)
HEIMDAL
Sep 30, 2011 HEIMDAL