01-20-2011
The simple answer, without turning on full auditing on the Solaris box is that you cant tell who updated the file.
This User Gave Thanks to citaylor For This Post:
10 More Discussions You Might Find Interesting
1. UNIX and Linux Applications
Hello
I'm writing a program for managing accounts and groups in a linux system.
My problem is how to update the members of a group in the /etc/group file,if i have to add/remove those members.
total 3 variables for adding some new members to the group :
char **oldmembers=grp->gr_mem; ... (1 Reply)
Discussion started by: mekos
1 Replies
2. UNIX for Dummies Questions & Answers
From what I have read it possible to create a new group by editing the etc/group and etc/passwd in UNIX two files but a non-experienced user may face many problems such as destroying the file by mistake ot that his changes to these file does not make any difference.
However, there is this... (2 Replies)
Discussion started by: whatev3r
2 Replies
3. Shell Programming and Scripting
I need to find all the files that have group Read or Write permission or files that have user write permission.
This is what I have so far:
find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}'
It shows me all files where group read = true, group write = true... (5 Replies)
Discussion started by: shunter63
5 Replies
4. Solaris
Hi Experts
/etc/vfstab is corrupted as while editing it i forgot to comment some of the line.
how can i edit the file in single in user mod?
also, i have some problem in CD drive , so i cant boot it from CD and do the changes.
i tried mounding the root file system as rw, however no... (10 Replies)
Discussion started by: kumarmani
10 Replies
5. Cybersecurity
Under oracle user file abc.txt was created. Oracle user belong to dba group on UNIX Server. However other non Oracle users which belongs to some other network groups need read only access to this file.
Every time when I login as other then oracle user and try to view this file it saying that I... (2 Replies)
Discussion started by: groosha
2 Replies
6. Ubuntu
Hi,
Anyone can help me on how to duplicate privileges and group for useroradb01 to userrootdb01. I have currently using "useroradb01" and create a newly user "userrootdb01".
I want both in the sames privileges and group. Please see the existing users list below;
drwxr-xr-x 53 useroradb01... (0 Replies)
Discussion started by: fspalero
0 Replies
7. Shell Programming and Scripting
/etc/group
tiadm::345:mk789,po312,jo343,ju454,ko453,yx879,iy345,hn453
bin::2:root,daemon
sys::3:root,bin,adm
adm::4:root,daemon
uucp::5:root
/etc/passwd
mk789:x:234:1::/export/home/dummy:/bin/sh
po312:x:234:1::/export/home/dummy:/bin/sh
ju454:x:234:1::/export/home/dummy:/bin/sh... (6 Replies)
Discussion started by: chidori
6 Replies
8. UNIX for Advanced & Expert Users
i did a mistake. :(
user1 ]$ vi ~/.bashrc
sudo su - user2
now , whenever I try to login to user1 , it will login to user2.
How can I resolve this ? :rolleyes:
N.B
-- I do not have root access.
-- I dont know password of user2
-- this is a virtual machine. (1 Reply)
Discussion started by: linuxadmin
1 Replies
9. Red Hat
Hi,
In the following output you can see the the user "richard" is a member on the team/group "developers":
# id richard
uid=10247(richard) gid=100361(developers) groups=100361(developers),10053(testers)
but in the following details of the said group (developers), the said user... (3 Replies)
Discussion started by: indiansoil
3 Replies
10. UNIX for Dummies Questions & Answers
OK guys and gals.
I've been working on a debian system for a little bit, in hopes of making it into a system we can use for manifests and other things.
I am very new to unix, particularly debian.
I would like to make 2 or 3 different groups.
1 would be for me, and other people... (1 Reply)
Discussion started by: samee71
1 Replies
LEARN ABOUT CENTOS
pam_tty_audit
PAM_TTY_AUDIT(8) Linux-PAM Manual PAM_TTY_AUDIT(8)
NAME
pam_tty_audit - Enable or disable TTY auditing for specified users
SYNOPSIS
pam_tty_audit.so [disable=patterns] [enable=patterns]
DESCRIPTION
The pam_tty_audit PAM module is used to enable or disable TTY auditing. By default, the kernel does not audit input on any TTY.
OPTIONS
disable=patterns
For each user matching one of comma-separated glob patterns, disable TTY auditing. This overrides any previous enable option matching
the same user name on the command line.
enable=patterns
For each user matching one of comma-separated glob patterns, enable TTY auditing. This overrides any previous disable option matching
the same user name on the command line.
open_only
Set the TTY audit flag when opening the session, but do not restore it when closing the session. Using this option is necessary for
some services that don't fork() to run the authenticated session, such as sudo.
log_passwd
Log keystrokes when ECHO mode is off but ICANON mode is active. This is the mode in which the tty is placed during password entry. By
default, passwords are not logged. This option may not be available on older kernels (3.9?).
MODULE TYPES PROVIDED
Only the session type is supported.
RETURN VALUES
PAM_SESSION_ERR
Error reading or modifying the TTY audit flag. See the system log for more details.
PAM_SUCCESS
Success.
NOTES
When TTY auditing is enabled, it is inherited by all processes started by that user. In particular, daemons restarted by an user will still
have TTY auditing enabled, and audit TTY input even by other users unless auditing for these users is explicitly disabled. Therefore, it is
recommended to use disable=* as the first option for most daemons using PAM.
To view the data that was logged by the kernel to audit use the command aureport --tty.
EXAMPLES
Audit all administrative actions.
session required pam_tty_audit.so disable=* enable=root
SEE ALSO
aureport(8), pam.conf(5), pam.d(5), pam(8)
AUTHOR
pam_tty_audit was written by Miloslav Trma <mitr@redhat.com>. The log_passwd option was added by Richard Guy Briggs <rgb@redhat.com>.
Linux-PAM Manual 09/04/2013 PAM_TTY_AUDIT(8)