08-09-2012
Compile and install rootsh (that's what I did) and now all activity on command line is logged to syslog (and from there to Splunk), per session, per user, all inputs (and if opted for at compile time, all outputs too).
There's also a tool called sudosh that may be of use to you (creates logs for auditing later).
Some issues with buffer and control characters core dumping your shell, but by and large it does the job of "unescapable command line auditing", where sudo only does the job of "unescapable command execution".
Rootsh is on sourceforge, I had more success with an older version, think the latest version wasn;t happy on AIX 5.3 (I did this ages ago....)
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Dear all
Ihave written a script in Hpux9.0, the ecript is working fine if I run it from root command prompt
But when I am running it thru /etc/profile or /user/.profile and login as a normal user, the owner of the process running the script is the normal user & hence cant run a root privileaged... (7 Replies)
Discussion started by: initin
7 Replies
2. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
3. UNIX for Advanced & Expert Users
Hi,
I have a unix server and I am concerned about the security on that server.
I would like to be able to write a script that records all the commands that were typed at the command prompt before the user calls the 'history -c' command and deletes all the history.
I was thinking about firing or... (7 Replies)
Discussion started by: mishkamima
7 Replies
4. SuSE
I am using SUSE Linux Enterprise Server 10 SP2 (i586) and I had earlier ammended my sudoers file to allow users to become root user with "sudo su - " command
Now I am trying to add multiple users to the sudoers file to run several commands such as restarting the server, restarting the nagios... (9 Replies)
Discussion started by: hedkandi
9 Replies
5. Shell Programming and Scripting
Hi,
I am new to scripting. I am trying to write a script to ssh one remote machine and run a sudo command.
ssh <hostname> sudo -S <command> < ~/pass.txt
I am stored my password in pass.txt.
I am getting error
sudo: no tty present and no askpass program specified
Please suggest me how can... (1 Reply)
Discussion started by: venkia9
1 Replies
6. Shell Programming and Scripting
Hello I have a script which is working fine so far to generate HTML file. Now i am wondering how do i include a syntax where it can change itself to root user and execute a specific commands as root user.
Please help, Thanks in advance.
-Siddhesh (2 Replies)
Discussion started by: Siddheshk
2 Replies
7. AIX
Hello,
I am testing sudo and I want to test it. Can anyone please let me know few commands (of course other than shutdown, reboot etc. as I can't reboot the box) on AIX that can be run by ROOT only.
Thanks
---------- Post updated at 07:43 PM ---------- Previous update was at 07:38 PM... (5 Replies)
Discussion started by: prvnrk
5 Replies
8. Shell Programming and Scripting
I'm working on a script to SSH and SUDO as (sap user sidadm) then automatically run commands that the sidadm user can run such as R3trans -v, tp, etc..
I can SSH without password and SUDO..
but the commands don't run after I SSH and SUDO to the sidadm user...here is the commands that I've... (2 Replies)
Discussion started by: icemanj
2 Replies
9. Red Hat
I have a set of RHEL 5 boxes running our ERP software on Oracle databases. I need to allow my DBA's to su to oracle and one other account (banner) without knowing the oracle or banner password. But I need to prevent them from su'ing to any other user especially root. I only want them to be able to... (1 Reply)
Discussion started by: westmoreland
1 Replies
10. Shell Programming and Scripting
Hi
I need to track what commands run in login session in solaris whether it is root or any normal users in bash shell.
My actual requirement is that when a user (nomal/root) login into the system, whatever commands he run, it should log into file on specified path . I don't require command... (4 Replies)
Discussion started by: hb00
4 Replies
LEARN ABOUT DEBIAN
su-to-root
su-to-root(1) Debian GNU/Linux manual su-to-root(1)
NAME
su-to-root - A simple script to give an `interactive' front-end to su. It can be used in menu entry commands to ask for the root password
SYNOPSIS
su-to-root [-X] [-p <user>] -c <command>
DESCRIPTION
Most menu entries simply start an editor or a game or whatever. But some menu entries would like to give the user the ability to change
important settings in the system, that require root privileges. su-to-root can be used to ask for the root password.
OPTIONS
-c <command>
The command to execute as a string. This option is mandatory.
-p <user>
The name of the user to change to, instead of root.
-X The command is a X11 program that does not require a terminal. This is to be used with menu entries that declare needs="X11".
ENVIRONMENT
SU_TO_ROOT_X
Select the su-like program called by su-to-root -X. Supported values are gksu, kdesu, kde4su, ktsuss,
sux, gksudo and kdesudo. kde4su denotes the KDE4 version of kdesu.
When this variable is not set su-to-root will currently try to use gksu, kdesu, kde4su, ktsuss, sux and the built-in code, in that
order with the exception that under a KDE session, kdesu and kde4su are prefered over gksu.
The exact set of programs to try and their order is subject to change without notice.
SU_TO_ROOT_SU
Select the su-like program used in text mode. Supported values are sudo, sux and su, the later being the default.
FILES
/etc/su-to-rootrc
~/.su-to-rootrc
su-to-root will source these files at startup in this order. This lets you define and modify the environment variables above without
restarting your X session.
COPYING
su-to-root is distributed under the GNU General Public License. (GPL 2.0 or greater).
AUTHORS
Joost Witteveen <joostje@debian.org>
X11 support by Morten Brix Pedersen and Bill Allombert <ballombe@debian.org>
SEE ALSO
update-menus(1), menufile(5), /usr/share/doc/menu/html
Debian Project 20 October 1998 su-to-root(1)