01-26-2012
Thanks for your quick reply.
And yes i will enable auditing from now on.
I will try to find out now as you suggested hope so i will get some good results out of it.
And it would be of great help if you can help me out with find command to findout the scripts containing "chown" Command?
10 More Discussions You Might Find Interesting
1. Linux
I am unable to backup file on my tape drive
# mt -f /dev/st0 status
SCSI 2 tape drive:
File number=0, block number=0, partition=0.
Tape block size 0 bytes. Density code 0x25 (DDS-3).
Soft error count since last status=0
General status bits on (45010000):
BOT WR_PROT ONLINE IM_REP_EN
#... (6 Replies)
Discussion started by: real-chess
6 Replies
2. Shell Programming and Scripting
Hi
Using find i want to find files with permission below 664. (6 Replies)
Discussion started by: aliahsan81
6 Replies
3. Solaris
Hello Guruz,
Relay bad condition :mad:
Some has changed the permission to 777 recursively for /usr/bin directory by mistake. Now all the permission looks to be 777 on /usr/bin
Hence I am so many system related errors as 1 show below.
When I am trying to change the password, I am getting... (5 Replies)
Discussion started by: bullz26
5 Replies
4. UNIX for Advanced & Expert Users
I am trying to FTP files from windows to UNIX (IBM AIX). After having sent the files to unix server. Permisssion of the files becomes 640 (rw-r-----). I have to manually login to unix and do chmod 644 on the folder to give it permission. Is it possible that the files automaically be set to 644 on... (2 Replies)
Discussion started by: puspendu.das.in
2 Replies
5. OS X (Apple)
I accidentally changed to sudo chmod a=w to my /usr/bin folder on my macbook with OS 10.5.8... Please help! I can't even get into a terminal correctly cause it displays:
-bash: uname: command not found
-bash: cut: command not found
-bash: uname: command not found
-bash: cut: command not found... (6 Replies)
Discussion started by: scaryMac23
6 Replies
6. UNIX for Dummies Questions & Answers
As I understand the file permissions in UNIX is basically
Owner, group, others
Lets assume scott user who's primary group is dev creates a file called test.dat and then grants some privileges on that file...
scott@unix-host> echo "this is a test" > test.dat
scott@unix-host> chmod 640... (4 Replies)
Discussion started by: luft
4 Replies
7. HP-UX
HI all,
We had created new user using the command useradd -d /home/selva -s /usr/local/bin/bash selva. But it didnt created the home directory on /home. So i manually created, copied skel files manually and changed the owner from root to selva. At the same time i observed that so many files... (6 Replies)
Discussion started by: selvaforum
6 Replies
8. AIX
Friends,
I've tried to modify the syslogs permission by using the perm option in the syslog configuration in AIX 6.1 TL 05. But its not getting applied after the configuration. Have restarted the syslog service also.
Need your help!:wall:
The below are the conf details and os versions
>... (1 Reply)
Discussion started by: novaothers
1 Replies
9. Shell Programming and Scripting
Hi All,
I have to work in the late nights some times for server maintenance and in a hurry to complete I am accidentally changing ownership or permission of directories :(
which have similar names ( /var in root and var of some other directory ).:confused:
Can some one suggest me with the... (1 Reply)
Discussion started by: shiek.kaleem
1 Replies
10. Linux
Hello everybody,
I have many mount points on my virtual Redhat server, two of them lost their (write) permission, so they became read-only filesystems.
I fixed this problem.
But I want to know why it happened? What is the reason behind that to avoid it again? Where can I find related logs?... (2 Replies)
Discussion started by: Mohannad
2 Replies
LEARN ABOUT CENTOS
pam_tty_audit
PAM_TTY_AUDIT(8) Linux-PAM Manual PAM_TTY_AUDIT(8)
NAME
pam_tty_audit - Enable or disable TTY auditing for specified users
SYNOPSIS
pam_tty_audit.so [disable=patterns] [enable=patterns]
DESCRIPTION
The pam_tty_audit PAM module is used to enable or disable TTY auditing. By default, the kernel does not audit input on any TTY.
OPTIONS
disable=patterns
For each user matching one of comma-separated glob patterns, disable TTY auditing. This overrides any previous enable option matching
the same user name on the command line.
enable=patterns
For each user matching one of comma-separated glob patterns, enable TTY auditing. This overrides any previous disable option matching
the same user name on the command line.
open_only
Set the TTY audit flag when opening the session, but do not restore it when closing the session. Using this option is necessary for
some services that don't fork() to run the authenticated session, such as sudo.
log_passwd
Log keystrokes when ECHO mode is off but ICANON mode is active. This is the mode in which the tty is placed during password entry. By
default, passwords are not logged. This option may not be available on older kernels (3.9?).
MODULE TYPES PROVIDED
Only the session type is supported.
RETURN VALUES
PAM_SESSION_ERR
Error reading or modifying the TTY audit flag. See the system log for more details.
PAM_SUCCESS
Success.
NOTES
When TTY auditing is enabled, it is inherited by all processes started by that user. In particular, daemons restarted by an user will still
have TTY auditing enabled, and audit TTY input even by other users unless auditing for these users is explicitly disabled. Therefore, it is
recommended to use disable=* as the first option for most daemons using PAM.
To view the data that was logged by the kernel to audit use the command aureport --tty.
EXAMPLES
Audit all administrative actions.
session required pam_tty_audit.so disable=* enable=root
SEE ALSO
aureport(8), pam.conf(5), pam.d(5), pam(8)
AUTHOR
pam_tty_audit was written by Miloslav Trma <mitr@redhat.com>. The log_passwd option was added by Richard Guy Briggs <rgb@redhat.com>.
Linux-PAM Manual 09/04/2013 PAM_TTY_AUDIT(8)