10-03-2012
gts is right - auditing a system can be tricky. Still, if you have only one (or very few) file(s) to monitor you can probably set up a loop with "lsof" and a log file, which might "catch" the offending process in the act. In any way, finding out which process modified a file in the past is impossible. You can only wait for the process to modify it again and then "catch" it while it does so.
I hope this helps.
bakunin
9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi all,
I want to add a special character ^M to a line, if the line starts with ORDE.
All the other lines should remain unchanged.
Is there sed or other UNIX function who can do this.
Thanx in advance
Auke Quist (3 Replies)
Discussion started by: aukequist
3 Replies
2. Shell Programming and Scripting
All,
I know this is a very naive question but I could not find a way to get this working!
I have a file with values like
input.file
Value1
Value2
server1/mylogin,mypasswd
Value3
Value4
And in my code, I am reading the file line by line and processing it.
#! /bin/ksh... (6 Replies)
Discussion started by: bharath.gct
6 Replies
3. Shell Programming and Scripting
I have a text file like this:
subject1:LecturerA:10
subject2:LecturerA:40
if I was given string in column 1 and 2 (which are subject 1 and LecturerA) , i need to update 3rd field of that line containing that given string , which is, number 10 need to be updated to 100 ,for example.
The... (6 Replies)
Discussion started by: bmtoan
6 Replies
4. Shell Programming and Scripting
I need assistance with following requirement, I am new to Unix.
I want to do the following task but stuck with file creation date(sysdate)
Following is the requirement
I need to create a script that will read the abc/xyz/klm folder and look for *.err files for that day’s date and then send an... (4 Replies)
Discussion started by: PreetArul
4 Replies
5. Shell Programming and Scripting
Gents,
Kindly can you help me to update a file extracting the data from other file.
I have:
file1
The key in this file is substr($0,4,21), and I need to update the columns 6 and 7 using the information for file2.
S 21133.00 21535.00 1 0 919088.8 1843754.5 ... (2 Replies)
Discussion started by: jiam912
2 Replies
6. Shell Programming and Scripting
Hi,
I have a xml file that I need to modify 1 line to change some value from 2 to 10 (or any number).
Sample input:
<!-- some text here>
.
.
.
<message:test name="ryan">
<message:sample-channel charset="UTF-8" max-value="2" wait="20">
... (5 Replies)
Discussion started by: brichigo
5 Replies
7. UNIX for Advanced & Expert Users
i have a directory where all .csv files are available. i have 3 perl programs(ex: a.pl,b.pl,c.pl) which continuously runs every 1 minute to scan all files in that directory. now i have 2 questions
1) how can i write an app lock on that particular folder to make sure only one program will scan... (4 Replies)
Discussion started by: sbjv
4 Replies
8. Shell Programming and Scripting
I am trying to use awk to match the NM_ in file with $1 of id which is tab-delimited. The NM_ will always be in the line of file that starts with > and be after the second _. When there is a match between each NM_ and id, then the value of $2 in id is substituted or used to update the NM_. Each NM_... (3 Replies)
Discussion started by: cmccabe
3 Replies
9. Shell Programming and Scripting
I have an input file with
A=xyz
B=pqr
I would want the value in Second Field (xyz or pqr) updated with a value present in Shell Variable based on the value passed in the first field. (A or B )
while read line
do
NEW_VALUE = `some functionality done on $line`
If $line=First Field-... (1 Reply)
Discussion started by: infernalhell
1 Replies
LEARN ABOUT HPUX
setaudproc
setaudproc(2) System Calls Manual setaudproc(2)
NAME
setaudproc() - controls process level auditing for the current process and its decendents
SYNOPSIS
DESCRIPTION
controls process level auditing for the current process and its decendents. It accomplishes this by setting or clearing the flag in the
area of the calling process. When this flag is set, the system audits the process; when it is cleared, the process is not audited. This
call is restricted to users with the privilege.
One of the following flags must be used for aflag:
Audit the calling process and its decendents.
Do not audit the calling process and its decendents.
The flag is inherited by the descendents of a process. consequently, the effect of a call to is not limited to the current process, but
propagates to all its decendents as well. For example, if is called with the flag, all subsequent audited system calls in the current
process are audited until is called with the flag.
Further, performs its action regardless of whether the user executing the process has been selected to be audited or not. For example, if
is called with the (or the flag, all subsequent audited system calls will be audited (or not audited), regardless of whether the user exe-
cuting the process has been selected for auditing or not.
Due to these features, should not be used in most self-auditing applications. should be used (see audswitch(2)) when the objective is to
suspend auditing within a process without affecting its decendents or overriding the user selection aspect of the auditing system.
Security Restrictions
Some or all of the actions associated with this system call require the privilege. Processes owned by the superuser have this privilege.
Processes owned by other users may have this privilege, depending on system configuration. See privileges(5) for more information about
privileged access on systems that support fine-grained privileges.
RETURN VALUE
Upon successful completion, returns 0; otherwise, it returns -1 and sets to indicate the error.
AUTHOR
was developed by HP.
SEE ALSO
audevent(1M), audusr(1M), audswitch(2), getaudproc(2), audit(5), privileges(5).
setaudproc(2)