Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to set variable for users with no home directory?
Operating Systems HP-UX How to set variable for users with no home directory? Post 303026950 by Peasant on Wednesday 5th of December 2018 11:40:56 AM
Old 12-05-2018
I'm sure if a user did malicious things, he would delete the history file or forge it easily.
History is not auditing.

Only why to track that is by employing auditing, which i never turned on on HPUX v3.
But i did find a document describing it with a lot of information.
https://support.hpe.com/hpsc/doc/pub...r_na-c02899022

Be careful playing with audit, do not just do it on production systems, use test systems first.
Audit configuration requires careful planning and implementation.

Hope that helps.
Regards
Peasant.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Restrict users to ther home directory

Hello! I want users in a certain group to be restricted to their home directory. So that they have full access to all files and folders in their home directory but the cant go to any directory above. Does anyone know how to do this? Anders (1 Reply)
Discussion started by: alfabetman
1 Replies

2. Programming

Monitor which users enter my home directory

Hi, I would like to monitor which users enter my home directory. Is it possible to write a script or code to do this. I donot have admin privileges. I have given read permissions to access my home directory. Any pointers in this direction is helpful! Thanks, Pradeep Ps: I use the... (1 Reply)
Discussion started by: mnpradeep
1 Replies

3. UNIX for Dummies Questions & Answers

Profiles for users without home directory

Hi I want to know which profile will be called when a user without home directory is created. When I created a user without home directory(by setting in /etc/default/useradd), the user is able to login directly into the main "/" folder but with only read permissions. Thanks naina (3 Replies)
Discussion started by: naina
3 Replies

4. UNIX for Dummies Questions & Answers

Home Directory Jail for Users

Hi, I am looking for a shell script (or any other way), that puts a user in a home directory jail. So for example, I have a user named richard and I don't want him wandering outside /usr/users/richard. I don't want him to cd to anywhere including cd .. Somebody said you can do that with... (3 Replies)
Discussion started by: mz043
3 Replies

5. UNIX for Dummies Questions & Answers

lost /home/directory for users

I'm using HPUX 11i. The other day a user logon to the workstation and was not able to find the /home/directory (tom is the directory) I login myself and it is the same thing. The home directory is on the server, so I was thinking of using sam to map it again. does anyone know how to do it... (5 Replies)
Discussion started by: blizzgamer
5 Replies

6. Solaris

find home directory paths for all users

How to find al the user's home directories? (2 Replies)
Discussion started by: a2156z
2 Replies

7. Solaris

Common Home directory for different users??

Hi Guys, I have a problem with configuring a server. this is a solaris 10 with sparc platform. I have setup so that the server is Authenticating through NIS but I dont want the server to Mount the Home directories. The users need to logged in through the CDE/display. I have over 200 users... (2 Replies)
Discussion started by: Luky
2 Replies

8. Shell Programming and Scripting

script to check for a directory in /home for all users

Following on from this post: https://www.unix.com/shell-programming-scripting/150201-simple-script-mount-folder-all-users-home.html and getting told off for bumping the thread:( Please could someone help me with a short script to check is a certain directory is present in /home for all users... (8 Replies)
Discussion started by: barrydocks
8 Replies

9. UNIX for Dummies Questions & Answers

Unix set home directory

Hi I've just made a directory, what command do I use to now make it the base directory? Thanks!!!!!!!!!!!!!!! (1 Reply)
Discussion started by: beckywatson
1 Replies

10. UNIX for Advanced & Expert Users

Permissions on a directory in /home for all users

Hi, I have created a shared directory on /home, where all users on a certain group have read, write and execute permissions. I did this using chmod -R g+rwx /home/shared/ The problem is, when a particular user creates a directory within /home/shared, other users are not able to write to... (8 Replies)
Discussion started by: lost.identity
8 Replies

LEARN ABOUT HPUX

audsys

audsys(1M)																audsys(1M)

NAME

       audsys - start/halt the auditing system; set/display auditing system status information

SYNOPSIS

       num] file | directory cafs] file | directory xafs]

DESCRIPTION

       allows  the  user to do the following operations: start or halt the auditing system; specify the auditing system "current" and "next" audit
       trails and their switch sizes; display auditing system status information; and, for regular mode, specify the number of active  files  that
       comprise an audit trail.

       If  the number of files specified by the option is greater than or equal to one (regular mode), the audit trail will be present on the file
       system as a directory with multiple files in it.

       If the number specified is zero (compatibility mode), the audit trail will be contained in a single file.   Compatibility  mode	is  solely
       supported for backward compatibility and will be obsoleted in any future releases after HP-UX 11i Version 3.

       The command is restricted to privileged users.

       The  "current"  audit  trail is the file or directory to which the auditing system writes audit records.  When the "current" trail grows to
       either its AuditFileSwitch (AFS) size or its FileSpaceSwitch (FSS) size (see audomon(1M)), the auditing system switches	to  write  to  the
       "next" audit trail.

       The  auditing  system switches audit trails by setting the "current" trail designation to the "next" trail and setting the new "next" trail
       to NULL.  If the "next" trail is not specified, the auditing system creates a new trail with the same base name but with a different  time-
       stamp  extension.   Then  the  auditing system begins recording to the new trail.  For more details about the next trail name, refer to the
       option explanation in the section in this manpage.

       The auditing system can also run an external command after a successful audit trail switch.  See audomon(1M) for details.

       On a single system, the "current" and "next" trails can reside anywhere on the same or  different  file	systems.   The	directory  is  the
       default location for audit trails.

       When invoked without arguments, displays the status of the auditing system.  This status includes the following information:

	      o  Description as to whether auditing is on or off.

	      o  The names of the "current" and "next" audit trails.

	      o  A table listing the following size and space information:

		 o  The switch sizes of the audit trails.

		 o  The sizes of the file systems on which the audit trails are located.

		 o  The space available expressed as a percentage of the switch sizes and file system sizes.

   Options
       recognizes the following options:

	      Specify the file or directory which will be the "current" audit trail.
			     The  existing  "current" trail, if any, will be replaced by the trail specified, and the auditing system will immedi-
			     ately switch to the new "current" trail.

			     If the number of audit files specified by the option, is greater than or equal to 1 (regular mode), a directory  will
			     be  created  with the "current" trail name and the audit trail files will be stored in this directory.  The specified
			     file or directory must be empty or nonexistent, unless it is the "current" or "next" trail  already  in  use  by  the
			     auditing system.

			     The and options must be specified together.

	      Turn off the auditing system.
			     The and options are mutually exclusive.  Other options specified with are ignored.

	      Turn on the auditing system.
			     The  system  uses	existing "current" and "next" audit trails unless other trails are specified with the and options.
			     If no "current" audit trail exists (for example, when the auditing system is first installed), it	can  be  specified
			     with the option.

	      Specify the number of active files that comprise an audit trail.
			     The  auditing system will use one or more writer threads to log data into these files.  Each writer thread will write
			     to one file.  If the option is not specified in the current command, then the previous setting for num will be  used.
			     If there is no previous setting, num will be set to 1.  If num is greater than or equal to 1 (regular mode), then the
			     audit trail files are named in this format: to The audit trail files are created in the directory specified with  the
			     option.  For example, if num is 3, then files named and are created.

			     If num is 0 (compatibility mode), then the audit trail will be a file with the name specified by the option.

			     Use  the  option with the option to turn on auditing.  Use the option by itself (that is, no other options are speci-
			     fied) to change the number of active files when the auditing system is running in regular mode.

			     The recommended value for num is approximately the number of processors on the system divided by two.

	      Specify	     cafs, the "current" trail's AuditFileSwitch (AFS) size (in Kbytes).

			     The and options must be specified together.

	      Specify the file or directory which will be the "next" audit trail.
			     Any existing "next" trail is replaced by the trail specified.  The specified trail  must  be  empty  or  nonexistent,
			     unless it is the "current" or "next" trail already in use by the auditing system.

			     The and options must be specified together.

			     The  option  is  supported solely for backward compatibility and will be obsoleted in any future releases after HP-UX
			     11i Version 3.

			     If the "next" audit trail is not specified by the option, the auditing system will take the "current"  audit  trail's
			     base name with a different timestamp extension as the "next" audit trail.	The name of the "next" audit trail will be
			     determined at the next switch point.  See audomon(1M) for more details.

			     Note: The auditing system modifies the specified audit trail name in the following situation:

			     o	    The current audit trail name ends with the 12 digits in format where yyyymmdd and HHMM are all digits and  not
				    necessarily a timestamp.

			     o	    The next audit trail is not configured.  That is, the option is not specified.

			     The audit trail name change occurs when audit file switch actually happens.  The dot and underscore are still part of
			     the audit trail name.  For example, the auditing system will change to

	      Specify	     xafs, the "next" trail's AuditFileSwitch (AFS) size (in Kbytes).

			     The and options must be specified together.

       If is specified without only the "current" audit file is changed; the existing "next" audit file remains.

       If is specified without only the "next" audit trail is changed; the existing "current" audit trail remains.

       The option can be used to manually switch from the "current" to the "next" trail by specifying the "next" trail as the new "current" trail.
       In this case, the trail specified becomes the new "current" trail and the "next" trail is set to NULL.

       In  instances where no "next" trail is desired, the option can be used to set the "next" trail to NULL by specifying the existing "current"
       trail as the new "next" trail.  In this case, the auditing system will create a new trail with the "current" trail's base name but  with  a
       different timestamp extension as the "next" trail.

       The user must be careful to select audit trails that reside on file systems large enough to accommodate the AuditFileSwitch (AFS) desired.

       returns a non-zero status and no action is performed if any of the following situations occur:

	      o  The  AuditFileSwitch  (AFS)  size specified for either audit trail exceeds the space available on the file system where the trail
		 resides.

	      o  The AFS size specified for either audit trail is less than the trail's current size.

	      o  The audit trail resides on a file system with no remaining user space (exceeds minfree, see the option in tunefs(1M)).

EXAMPLES

       Example 1:

       Turn on the auditing system and start recording data to using 2 writer threads.	Also set the AuditFileSwitch (AFS) size  to  1000  Kbytes.
       The specifies that the audit trail will be a directory with two files, and

       Because	the  AuditFileSwitch  (AFS)  size  is  set to 1000 Kbytes, the auditing system is going to monitor the growth of in size (see also
       audomon(1M)).  When the size has reached approximately 1000 Kbytes, the auditing system will try to switch recording data to the  following
       file:

       where is replaced by the time and date when the switch occurred.

       Example 2:

       Turn off the auditing system.

       The  option  causes  any  buffered data to be written out to the current audit trail.  And the auditing system will stop recording any data
       after that.

       Example 3:

       Turn on the auditing system in compatibility mode.

       This example is the same as Example 1 except that will be present on the file system as a regular file instead of a  directory  because	is
       specified.

WARNINGS

       Compatibility  mode and the option are solely supported for backward compatibility and will be obsoleted in any future releases after HP-UX
       11i Version 3.

       All modifications made to the audit system are lost upon reboot.  To make the changes permanent, set and in

       A user process will be blocked in the kernel if all of the following events occur:

       o  The file system containing the current audit trail is full.

       o  If the "next" audit trail is specified, the file system containing this audit trail is full.

       o  The user process makes an auditable system call or generates an auditable event.

       A user process will also be blocked in the kernel if both of these events occur:

       o  The pre-allocated kernel audit data buffer is full.

       o  The user process makes an auditable system call or generates an auditable event.

       In order to recover from the resulting deadlock, it will be necessary to kill the session leader of the console so that	the  administrator
       can login.  For this reason sensitive applications must not be run as session leaders on the console.

AUTHOR

       was developed by HP.

SEE ALSO

       audomon(1M), tunefs(1M), audctl(2), audwrite(2), setsid(2), audit(5).

																	audsys(1M)
All times are GMT -4. The time now is 10:36 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy