12-05-2018
I'm sure if a user did malicious things, he would delete the history file or forge it easily.
History is not auditing.
Only why to track that is by employing auditing, which i never turned on on HPUX v3.
But i did find a document describing it with a lot of information.
https://support.hpe.com/hpsc/doc/pub...r_na-c02899022
Be careful playing with audit, do not
just do it on production systems, use test systems first.
Audit configuration requires careful planning and implementation.
Hope that helps.
Regards
Peasant.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello!
I want users in a certain group to be restricted to their home directory. So that they have full access to all files and folders in their home directory but the cant go to any directory above.
Does anyone know how to do this?
Anders (1 Reply)
Discussion started by: alfabetman
1 Replies
2. Programming
Hi,
I would like to monitor which users enter my home directory. Is it possible to write a script or code to do this. I donot have admin privileges. I have given read permissions to access my home directory.
Any pointers in this direction is helpful!
Thanks,
Pradeep
Ps: I use the... (1 Reply)
Discussion started by: mnpradeep
1 Replies
3. UNIX for Dummies Questions & Answers
Hi
I want to know which profile will be called when a user without home directory is created.
When I created a user without home directory(by setting in /etc/default/useradd), the user is able to login directly into the main "/" folder but with only read permissions.
Thanks
naina (3 Replies)
Discussion started by: naina
3 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I am looking for a shell script (or any other way), that puts a user in a home directory jail. So for example, I have a user named richard and I don't want him wandering outside /usr/users/richard. I don't want him to cd to anywhere including cd ..
Somebody said you can do that with... (3 Replies)
Discussion started by: mz043
3 Replies
5. UNIX for Dummies Questions & Answers
I'm using HPUX 11i. The other day a user logon to the workstation and was not able to find the /home/directory (tom is the directory) I login myself and it is the same thing.
The home directory is on the server, so I was thinking of using sam to map it again. does anyone know how to do it... (5 Replies)
Discussion started by: blizzgamer
5 Replies
6. Solaris
How to find al the user's home directories? (2 Replies)
Discussion started by: a2156z
2 Replies
7. Solaris
Hi Guys,
I have a problem with configuring a server. this is a solaris 10 with sparc platform.
I have setup so that the server is Authenticating through NIS but I dont want the server to Mount the Home directories. The users need to logged in through the CDE/display.
I have over 200 users... (2 Replies)
Discussion started by: Luky
2 Replies
8. Shell Programming and Scripting
Following on from this post:
https://www.unix.com/shell-programming-scripting/150201-simple-script-mount-folder-all-users-home.html
and getting told off for bumping the thread:(
Please could someone help me with a short script to check is a certain directory is present in /home for all users... (8 Replies)
Discussion started by: barrydocks
8 Replies
9. UNIX for Dummies Questions & Answers
Hi I've just made a directory, what command do I use to now make it the base directory?
Thanks!!!!!!!!!!!!!!! (1 Reply)
Discussion started by: beckywatson
1 Replies
10. UNIX for Advanced & Expert Users
Hi,
I have created a shared directory on /home, where all users on a certain group have read, write and execute permissions.
I did this using
chmod -R g+rwx /home/shared/
The problem is, when a particular user creates a directory within /home/shared, other users are not able to write to... (8 Replies)
Discussion started by: lost.identity
8 Replies
LEARN ABOUT HPUX
audwrite
audwrite(2) System Calls Manual audwrite(2)
NAME
audwrite() - write an audit record for a self-auditing process
SYNOPSIS
DESCRIPTION
is called by self-auditing processes, which are capable of turning off the regular auditing using the system call (see audswitch(2)) and
doing higher-level auditing on their own. is restricted to users with the privilege.
checks to see if the auditing system is on and the calling process and the event specified are being audited. If these conditions are met,
writes the audit record pointed to by audrec_p into the audit trail. The record consists of an audit record body and a header with the
following fields:
/* Date/time (tv_sec of timeval) */
/* Process ID */
/* Success/failure */
/* Event being audited */
/* Length of variant part */
The body contains additional information about the high-level audit event. The header fields and are specified by the calling process.
fills in and fields with the correct values. this is done to reduce the risk of forgery. Beginning with 11i version 3 release, converts
the record into a different format before writing it into the current audit trail.
Security Restrictions
Some or all of the actions associated with this system call require the privilege. Processes owned by the superuser have this privilege.
Processes owned by other users may have this privilege, depending on system configuration. See privileges(5) for more information about
privileged access on systems that support fine-grained privileges.
RETURN VALUE
If the write is successful, a value of is returned. Otherwise, a value of is returned and is set to indicate the reason for the failure.
ERRORS
fails if one of the following is true:
The caller does not possess the
privilege.
The event number in the audit record is invalid.
WARNINGS
If causes a file space overflow, the calling process might be suspended until the file space is cleaned up. However, a returned call with
the return value of indicates that the audit record has been successfully written.
AUTHOR
was developed by HP.
SEE ALSO
audswitch(2), audit(4), privileges(5).
audwrite(2)