Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to identify users that have su'ed to a different account?
Top Forums UNIX for Beginners Questions & Answers How to identify users that have su'ed to a different account? Post 303032037 by nezabudka on Sunday 10th of March 2019 12:03:03 AM
Old 03-10-2019
Maybe that
Code:
getent passwd nez
>nez:x:1000:1000:nezabudka:/home/nez:/bin/bash
getent group wheel qemu
>wheel:x:10:nez
>qemu:x:107:nez
getent initgroups nez
>nez                   10 107 983 1000

 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to know what users are logged in to account

hello all say im logged in to account ar root , but I can't change any thing there ( like username ) if someone is already logged in also . how can I know who is ( user name ) also connected to the user im using ? (2 Replies)
Discussion started by: umen
2 Replies

2. Shell Programming and Scripting

Script to identify logged users & commands executed

Hi All, I am trying to write a script to get the user information & the command executed. I tried something like this : w | sort | awk '{print$5$6$7}' My requirement is to identify the users who execute the same command at same time. I need the user name & the... (2 Replies)
Discussion started by: vijayarajvp
2 Replies

3. UNIX for Advanced & Expert Users

audit user commands of different users under root account

Hi, I would like to know if there is anyway that I can pinpoint the user before/after he connects to the root? Also, I'm trying to find out what are the commands he inputs under root access. (6 Replies)
Discussion started by: pointgetter0
6 Replies

4. Cybersecurity

Private account for administration users

Hello, My DBAs are connecting to the unix servers with ORACLE account. I would like to create for each one of them a private user . Only after connecting in ther private user allow them to su -oracle . My problem is that i need to prevent them from connecting remothly with SSH as oracle user.... (1 Reply)
Discussion started by: yoavbe
1 Replies

5. Cybersecurity

Please help identify these user account

Please help me identify these user accounts.. bin, lp, nuucp, smbnull, mysql, tftp Can we remove these user or disable these users?We have to apply the security policy about the user identification.Since it was settup by our vendor long time ago. We do not have these informations about these... (3 Replies)
Discussion started by: rdstkg
3 Replies

6. Red Hat

how to setup An extra account with name 'unixuser' who can have the previlege to reset other users?

Hi I want to setup an extra account with name 'unixuser' who has the previlege to reset the passwords of other users like eng or myuser (other user). Please help me.. Waiting for a reply.. Thanks, MJavalkar (1 Reply)
Discussion started by: mjavalkar
1 Replies

7. Solaris

Remove a given profile from a users account

Hi Guys, I was studying RBAC and I gave a profile to a user . I have not seen anywhere that shows how to remove the profile from the users account. Can anyone show me how to remove a given profile from a users account? Thanks alot guys. (2 Replies)
Discussion started by: cjashu
2 Replies

LEARN ABOUT LINUX

pam_wheel

PAM_WHEEL(8)							 Linux-PAM Manual						      PAM_WHEEL(8)

NAME

       pam_wheel - Only permit root access to members of group wheel

SYNOPSIS

       pam_wheel.so [debug] [deny] [group=name] [root_only] [trust]

DESCRIPTION

       The pam_wheel PAM module is used to enforce the so-called wheel group. By default it permits root access to the system if the applicant
       user is a member of the wheel group. If no group with this name exist, the module is using the group with the group-ID 0.

OPTIONS

       debug
	   Print debug information.

       deny
	   Reverse the sense of the auth operation: if the user is trying to get UID 0 access and is a member of the wheel group (or the group of
	   the group option), deny access. Conversely, if the user is not in the group, return PAM_IGNORE (unless trust was also specified, in
	   which case we return PAM_SUCCESS).

       group=name
	   Instead of checking the wheel or GID 0 groups, use the name group to perform the authentication.

       root_only
	   The check for wheel membership is done only.

       trust
	   The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play
	   stacking the modules the wheel members may be able to su to root without being prompted for a passwd).

MODULE TYPES PROVIDED

       The auth and account module types are provided.

RETURN VALUES

       PAM_AUTH_ERR
	   Authentication failure.

       PAM_BUF_ERR
	   Memory buffer error.

       PAM_IGNORE
	   The return value should be ignored by PAM dispatch.

       PAM_PERM_DENY
	   Permission denied.

       PAM_SERVICE_ERR
	   Cannot determine the user name.

       PAM_SUCCESS
	   Success.

       PAM_USER_UNKNOWN
	   User not known.

EXAMPLES

       The root account gains access by default (rootok), only wheel members can become root (wheel) but Unix authenticate non-root applicants.

	   su	   auth     sufficient	   pam_rootok.so
	   su	   auth     required	   pam_wheel.so
	   su	   auth     required	   pam_unix.so

SEE ALSO

       pam.conf(5), pam.d(5), pam(7)

AUTHOR

       pam_wheel was written by Cristian Gafton <gafton@redhat.com>.

Linux-PAM Manual						    05/31/2011							      PAM_WHEEL(8)
All times are GMT -4. The time now is 03:36 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy