08-31-2011
History to Another file [local user history , but root access]
Hi all,
My need is :
1. To know who , when , which command used.
2. Local user should not delete this information.
[The thing is , here we have a number of employees working in root permission.!!! And we are not actually getting who is doing which command and all...]
I mean , with an example , i can say
i have a user user1
i need to give all the following permissions to user1, :
a. A specific directory other than his home directory.
b. To edit /etc/profile
c. And/Or any other specific files/dirs.
user1's history will be saved in ~/.bash_history
user1 will have -rw-------. permission to ~/.bash_history
So there is a chance that he may delete the file itself / delete the content.
And so , i am thinking to do like..
i will have another file somewhere , say , /var/.bash_hist_user1
so
automatically , What are all the commands entering by user1 should come inside /var/.bash_hist_user1 also.
OR ELSE
What are all the commands entering by user1 will come in ~/.bash_history
But he cannot delete the file / content.
Is it possible ?
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Team ,
using fc command we can get details of our history file .. Is it possible to get the same result for different user from root.. Actually I need to collect all the stuff from select users history file for day to day basis.
thanks in advance .. (2 Replies)
Discussion started by: rgpai9972
2 Replies
2. Shell Programming and Scripting
Hi,
I need to access a user's command history. However, the dilemma is that he is logged in and so his current history is not yet flushed to .bash_history file which gets flushed when he logs out. Is there a way I can still access his most recent history?
thank you,
S (4 Replies)
Discussion started by: sardare
4 Replies
3. UNIX for Dummies Questions & Answers
Hello every body,
Kindly inform me How Do i find out the time I executed a command previously on UNIX Solaris??
To be more specific and more clear about what i want to know is that I want a command the enables me to know the history and which command i run at this history/time.
FYI I used... (5 Replies)
Discussion started by: ahmedamer12
5 Replies
4. Shell Programming and Scripting
Hey guyz,
I'm trying to get the command history for my active users sessions on the local machine and i kinda hit a tough wall
Is command-line history for my current user saved somewhere else besides $HOME/.bash_history?
I have been told that there is some temporary file stored on the local... (2 Replies)
Discussion started by: mishu_cgm
2 Replies
5. UNIX for Dummies Questions & Answers
Hi all,
My need is :
1. To know who , when , which command used.
2. Local user should not delete this information.
I mean , with an example , i can say
i have a user user1
i need to give all the following permissions to user1, :
a. A specific directory other than his home... (1 Reply)
Discussion started by: sriky86
1 Replies
6. Red Hat
Hi,
I have three servers,For 3 servers how i can take output,all the local accounts and details of whether the access is Root or User access.
cheers (1 Reply)
Discussion started by: ranjithm
1 Replies
7. Shell Programming and Scripting
HTML Code
archive_history() { HISTORYOLD=${HISTFILE}.archive CURTIME=`date` CURTTY=`tty` IP=$(echo $SSH_CLIENT | awk '{print $1}') if ; then echo "#-${HOSTNAME}-- ${CURBASHDATE} - ${CURTIME} ($CURTTY) ${USER} ${IP}----" >> $HISTORYOLD history... (2 Replies)
Discussion started by: rehantayyab82
2 Replies
8. Shell Programming and Scripting
HTML Code:
archive_history() { HISTORYOLD=${HISTFILE}.archive CURTIME=`date` CURTTY=`tty` IP=$(echo $SSH_CLIENT | awk '{print $1}') if ; then echo "#-${HOSTNAME}-- ${CURBASHDATE} - ${CURTIME} ($CURTTY) ${USER} ${IP}----" >> $HISTORYOLD history... (0 Replies)
Discussion started by: rehantayyab82
0 Replies
9. Shell Programming and Scripting
I'm exploring OpenBSD and want to stick to its default shell, which is ksh. My goal is for my regular user ("bruno") and root user to have a shared history file. However, it seems that when running as root, ksh refuses to write to a HISTFILE that is owned by non-root user. This illustrates the... (3 Replies)
Discussion started by: DevuanFan
3 Replies
10. What is on Your Mind?
I am pleased to announce this new video in 1080 HD for UNIX lovers honoring thirty years of UNIX history spanning from 1969 to 1999 presented in 150 seconds (two and a half minutes) in 1080 HD, celebrating the 50th anniversary of UNIX.
The Great History of UNIX (1969-1999) | 30 Years of UNIX... (8 Replies)
Discussion started by: Neo
8 Replies
LEARN ABOUT HPUX
userdbset
userdbset(1M) userdbset(1M)
NAME
userdbset - modify information in the user database, /var/adm/userdb
SYNOPSIS
name attr [attr]...
attr [attr]...
name]
DESCRIPTION
modifies the per-user information residing in the user database, A per-user value in the user database overrides any system-wide default
configured in See userdb(4) and security(4) for more details about the user database and system-wide defaults, respectively.
If one or more arguments are specified on the command line, initializes or modifies each attribute specified by attr to the specified value
for the specified user name.
Options
The following options are recognized:
Modify specified attributes for all users.
Delete attributes; the
(see security(4)) system-wide default will then apply. If one or more attr arguments are specified, only those
attributes are deleted. Otherwise, if no attr arguments are specified, all configurable attributes are deleted for the
specified user name.
Import the contents of
filename into the user database. Each line in the data file, filename, must be in the following format: The output of
is in this format and can be used as the input file. See the example in the section.
Remove internal attributes in addition to the configurable ones.
Internal attributes are not user configurable and are normally modified only by programs that enforce system security.
The file indicates which attributes are configurable and which are internal.
Initialize, modify or delete specified attributes for the specified user
name.
Authorizations
In order to invoke the user must either be root (running with effective uid of 0) or, if the Role-Based Access Control Extensions product
(RBACExt) is installed, have the appropriate authorization(s). Users with the appropriate authorizations can use to add, modify or delete
security attributes for other users, but are prohibited from changing the security attributes for local root users. Only root users can
add, modify or delete the security attributes of local root users.
Refer to rbac(5) for more information on the Role-Based Access Control product. The following is a list of the required authorizations for
running with particular options:
Allows the user to invoke
The user will also need specific authorizations to modify or delete the various attributes in the user database.
Allows the user to delete the per-user attribute
(attr) named in the object of the authorization pair. An object of will allow the user to delete any attribute.
Allows the user to initialize or modify the per-user attribute
(attr) named in the object of the authorization pair. An object of will allow the user to initialize or modify any attribute.
Allows the user to import user attributes into the user database using
the option. Users with this authorization are allowed to import attributes for all users, including local root users.
Notes
Only users who have read and write access to can run
validates attributes and attribute values based on information in The validation of an attribute fails if:
o Any specified attr is not listed in
o does not allow a per-user value for the attr.
o name is not a valid user.
o allows the attr only for local users, and name is not in
o The value of an attr is not within the range specified in
RETURN VALUE
exits with one of the following values:
success
invalid user
invalid usage
insufficient permission to access the user database
file system error
invalid attribute;
does not allow a per-user value
an attribute value is not within the range specified in
block overflow
entry overflow
database lock failure
database is disabled; see
userdb(4)
invalid user name
not a local user
EXAMPLES
In the following example, the first command deletes all of the configurable attributes for user while retaining the internal attributes.
At this point, the system-wide defaults in apply. The second command sets minimum password length to 7 and to 0022 (the leading zero
denotes an octal value).
The next command deletes the minimum password length, which causes the system-wide default to be used.
The following example deletes the user-specific audit flag for all users. The system-wide default will then apply for all users.
The following example saves the configurable attributes for all users option) into a file, using the command. If needed, the attributes
can then be restored at a later point by importing the file with The second command imports the configurable attributes into the user data-
base.
FILES
user database
security defaults configuration file
security attributes description file
SEE ALSO
userdbck(1M), userdbget(1M), userdb_read(3), security(4), userdb(4), rbac(5).
userdbset(1M)