Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Is there a way to find when a user is added in Linux host?
Top Forums Shell Programming and Scripting Is there a way to find when a user is added in Linux host? Post 302886742 by rbatte1 on Monday 3rd of February 2014 11:26:46 AM
Old 02-03-2014
The timestamp of the home-directory will only show the last modification of the directory, which is altered when an object within it (file, sub-directory, pipe etc.) is create/deleted/renamed etc. so just using ls -l ~someuser/ is unreliable.

Going forward, you could intercept the executable /usr/bin/useradd with your own script that writes to either a log file or the syslog. Looking for something that has already happened, you might get lucky if the operative used sudo and that will have been written to the syslog. Of course, it depends how long you keep your syslog.

We have intercepted the call to write logs and we also have a monthly reconciliation of new accounts against requests, so that narrows it down.

Unfortunately, being paranoid after an event does not mean that you can necessarily find the original action.



I hope that this helps,
Robin
Liverpool/Blackburn
UK
Last edited by rbatte1; 02-03-2014 at 12:31 PM.. Reason: Additional comment about "ls -l ~someuser" being unreliable
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

how to find the host name

HI, what is the command to find the host name with IP address. is possible to find the host name of other boxes( having their ip) from the same box (assuming telnet to other box is possible from this) Regards, Ananda (1 Reply)
Discussion started by: ani_rvce
1 Replies

2. UNIX for Dummies Questions & Answers

How many user can be added to single group

Hi There, How many user can be added to a unix single group. I need this for unix and solaris. BRs -----Post Update----- I'm asking about secondary group and not primary group. All the users are having 8 character as their username. value is set for getconf LINE_MAX is... (1 Reply)
Discussion started by: maestromani
1 Replies

3. UNIX for Dummies Questions & Answers

change user> to user@host> ssh prompt

Hi, I was wondering how to change the prompt for my ssh login. At the moment it is like user> while I'd like it to be as user@host> It is in the .bash_profile or .ssh ??? Thanks (2 Replies)
Discussion started by: pmasterkim
2 Replies

4. UNIX for Advanced & Expert Users

Help! How to find the local host after few ssh hops to remote host???

I do a ssh to remote host(A1) from local host(L1). I then ssh to another remote(A2) from A1. When I do a who -m from A2, I see the "connected from" as "A1". => who -m userid pts/2 2010-03-27 08:47 (A1) I want to identify who is the local host who initiated the connection to... (3 Replies)
Discussion started by: gomes1333
3 Replies

5. HP-UX

How can I find the size of files added to a folder after a particular date

Hi, I want to find the size of the files added to a folder after a certain date(say 1st of october), I know we can list the files which were created after a certain date , but is there anyway to find the total size of those files ? (3 Replies)
Discussion started by: alookachaloo
3 Replies

6. UNIX for Dummies Questions & Answers

Host file per user

Is anyone aware of a way of creating a local hosts file for a user? Getting a change made to /etc/hosts by our administrators takes about 4 weeks and a ridiculous amount of form filling for such a simple task, so was hoping I could have a locally controlled one for my user. Is such a thing... (0 Replies)
Discussion started by: dlam
0 Replies

7. Solaris

Why this message came when i added user in group?

Hi all, When I added one user in in this group hhs_gl6 following message got generated. -bash-3.00$ /usr/local/bin/sudo /usr/sbin/usermod -G hhs_gl6 vivek UX: /usr/sbin/usermod: hhs_gl6 name should be all lower case or numeric. However when I cheked the user in /etc/group file, the... (1 Reply)
Discussion started by: manalisharmabe
1 Replies

8. Red Hat

How to find which host a VM is running on?

We have quite a few Linux VMs running (several hundred). Some are running in VMware and some are running on Citrix XenServer. I know that it is possible, for example, to go into vSphere and search for the host name. But there are times where it is not found for whatever reason and I want to log... (0 Replies)
Discussion started by: keelba
0 Replies

9. Linux

Mount a newly added LUN on a GNU/Linux distro

Hi I am not familiar with the linux, but I was asked to create a file system on a LUN from the NetApp that was mapped to the linux server. The server is runing: uname -a Linux localhost.localdomain 2.6.18-92.el5 #1 SMP Tue Apr 29 13:16:15 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux and now... (6 Replies)
Discussion started by: fretagi
6 Replies

LEARN ABOUT CENTOS

shell-quote

SHELL-QUOTE(1)						User Contributed Perl Documentation					    SHELL-QUOTE(1)

NAME

       shell-quote - quote arguments for safe use, unmodified in a shell command

SYNOPSIS

       shell-quote [switch]... arg...

DESCRIPTION

       shell-quote lets you pass arbitrary strings through the shell so that they won't be changed by the shell.  This lets you process commands
       or files with embedded white space or shell globbing characters safely.	Here are a few examples.

EXAMPLES

       ssh preserving args
	   When running a remote command with ssh, ssh doesn't preserve the separate arguments it receives.  It just joins them with spaces and
	   passes them to "$SHELL -c".	This doesn't work as intended:

	       ssh host touch 'hi there'	   # fails

	   It creates 2 files, hi and there.  Instead, do this:

	       cmd=`shell-quote touch 'hi there'`
	       ssh host "$cmd"

	   This gives you just 1 file, hi there.

       process find output
	   It's not ordinarily possible to process an arbitrary list of files output by find with a shell script.  Anything you put in $IFS to
	   split up the output could legitimately be in a file's name.	Here's how you can do it using shell-quote:

	       eval set -- `find -type f -print0 | xargs -0 shell-quote --`

       debug shell scripts
	   shell-quote is better than echo for debugging shell scripts.

	       debug() {
		   [ -z "$debug" ] || shell-quote "debug:" "$@"
	       }

	   With echo you can't tell the difference between "debug 'foo bar'" and "debug foo bar", but with shell-quote you can.

       save a command for later
	   shell-quote can be used to build up a shell command to run later.  Say you want the user to be able to give you switches for a command
	   you're going to run.  If you don't want the switches to be re-evaluated by the shell (which is usually a good idea, else there are
	   things the user can't pass through), you can do something like this:

	       user_switches=
	       while [ $# != 0 ]
	       do
		   case x$1 in
		       x--pass-through)
			   [ $# -gt 1 ] || die "need an argument for $1"
			   user_switches="$user_switches "`shell-quote -- "$2"`
			   shift;;
		       # process other switches
		   esac
		   shift
	       done
	       # later
	       eval "shell-quote some-command $user_switches my args"

OPTIONS

       --debug
	   Turn debugging on.

       --help
	   Show the usage message and die.

       --version
	   Show the version number and exit.

AVAILABILITY

       The code is licensed under the GNU GPL.	Check http://www.argon.org/~roderick/ or CPAN for updated versions.

AUTHOR

       Roderick Schertler <roderick@argon.org>

perl v5.16.3							    2010-06-11							    SHELL-QUOTE(1)
All times are GMT -4. The time now is 06:25 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy