Linux audits in syslog, any time a user is deleted or added. However, I'm running a Solaris11 VM, and find no such entries. How can I enable auditing for useradd and userdel? Oracle's documentation on managing the auditing service, has been of no assistance. Thanks.
I just want to audit and log to syslog when a user is added, removed or modified from the system.
According to the docs I have:
#/etc/security/audit_control
dir:/var/audit
flags:ua
minfree:20
naflags:ua
plugin:name=audit_syslog.so.1; p_flags=ua
But neither syslog nor auditreduce -c ua... (7 Replies)
Hi Friends
I am a Solaries newbie and I am looking out for a software or command or config that can capture all commands run by all users on a server on a daily basis. I believe that this Audit is being done in almost all enterprises and would like to know how the same is done there.
Any... (3 Replies)
Hi,
I have installed Solaris 10 in my PC and now installing Oracle10, but while adding a user i am getting following error:
useradd -g oinstall -G dba -d /export/home/oracle oracle
UX: useradd: ERROR: Inconsistent password files. See pwconv(1M).
I have tried pwconv command,... (4 Replies)
Good day all.
I'm trying to add a user with useradd and the -p option to assign a project name, but the result is that the user is created with an error message: "UX: useradd: user.root name should be all lower case or numeric."
The command:
useradd -d /export/home/tester -g rtpgrp -G... (2 Replies)
I installed Solaris 10 (8/11) and added an account for myself. It lives in
/export/home/{name} but /etc/passwd shows it is
/home/{name} where it seems to be mounted like a filesystem. I tried to
create another account from the command line but it doesn't work the same way.
I can't find... (7 Replies)
Dear All,
I have one of my Servers, running Solaris 9. I wanna enable the Audit log enabling, the way I did in Solaris 10 Servers.
After running, the bsmconv script, giving the reboots, modifying all the audit files in /etc/security, the audit is enabled, but the audit file which shall be... (3 Replies)
hi,
I enabled bsm modules (/etc/security/bsmconv) and rebooted Solaris 10. But service is going into maintenance state. I rebooted server and I see one error saying "sys/c2audit:audit_kssl() not defined properly". I am not sure, what it is indicating and how it should be fixed. Please suggest, how... (5 Replies)
Discussion started by: solaris_1977
5 Replies
LEARN ABOUT OPENSOLARIS
grablogs.conf
grablogs.conf(4) File Formats grablogs.conf(4)NAME
grablogs.conf - grablogs configuration for libgrablogs.so of the plugins of
gnome-system-log file
SYNOPSIS
/usr/lib/gnome-system-log/plugins/grablogs.conf
DESCRIPTION
The libgrablogs.so is a plugin for gnome-system-log(1), it colloct the log files from the system as many as possible. grablogs.conf is a
configuration file that contains a set of lines mixed with sh(1) syntax codes and individual
log files. libgrablogs.so will read the file try to get a log files list for
gnome-system-log(1). Users can copy the file into $HOME/.gnome2/gnome-system-log/plugins/`uname -p` to overwrite the system default one.
The grablogs.conf file contains the following configuration categories:
[configs]
Each line under this category is interpreted as a config file of System. The plugin will open the config file and try to find
all system paths of the logs.
[commands]
Each line under this category is interpreted as a shell command and will be execute through a pipe. And each line of the out-
put of the command will be interpreted as a log path.
[logs] Each line under this category is interpreted as a log path.
FILES
/usr/lib/gnome-system-log/plugins/grablogs.conf
The system default configuration file for the plugin libgrablogs.so
$HOME/.gnome2/gnome-system-log/plugins/`uname -p`/grablogs.conf
The user specific configuration file for the plugin libgrablogs.so
EMAMPLE
[configs]
/etc/syslog.conf
[commands]
for i in `svcs -aH -o FMRI | grep -v lrc `; do svcprop -p restarter/logfile $i 2>/dev/null || svcprop -q-p restarter/alt_logfile $i
2>/dev/null ; done
[logs]
/var/log/messages
/var/log/secure
/var/log/maillog
/var/log/cron
/var/log/Xorg.0.log
/var/log/XFree86.0.log
/var/log/auth.log
/var/log/cups/error_log
SEE ALSO gnome-system-log(1), pipelog.conf(1)gnome-utils 2.16.0 13 Oct 2006 grablogs.conf(4)