11-07-2002
Logging all commands after a sudo su-
Hi there,
It might seem tricky, I confess.
We use sudo to allow people to initiate priviledged commands (but not all commands) on our Unix systems.
To by pass this, some people initiate the sudo su - command ;
The main issue is to 'know' what those people do when they gain root access.
Is there a way to have a log of all commands done by a user whent they have gained root access? This way, we could at least know what they do.
Regards,
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi all,
I have two problems, My system is SunOS 5.9:
1- I have installed sudo but I have a problem logging user activities on other hosts, the way I installed it is that I installed sudo and the sudoers file in a shared directory on a NFS server which is mounted by all computers on the... (1 Reply)
Discussion started by: neked
1 Replies
2. Solaris
I'm looking for a CLI utility that will capture all the commands you type at the Solaris CLI (and their output) into a file. I'm sure it's called "scripter", but I can't find anything on a command called scripter.
Does anyone know of a such a command?
Your help will be greatly... (3 Replies)
Discussion started by: soliberus
3 Replies
3. HP-UX
Jul 14 08:02:40 servera sshd: Accepted keyboard-interactive/pam for someuser from x.x.x.x port 1406 ssh2
Jul 14 08:02:48 servera su: - 1 someuser-root
Jul 14 08:03:03 servera sudo: someuser : TTY=pts/1 ; PWD=/home/someuser ; USER=root ; COMMAND=/usr/bin/su -
Jul 14 08:03:03 servera su: + 1... (3 Replies)
Discussion started by: Ikon
3 Replies
4. Cybersecurity
Dear friends
I'm looking for a solution to log all commands that users do in my RedHat box, and send it out to other remote server,
Is there any guide for that
Thanks
---------- Post updated at 04:20 AM ---------- Previous update was at 03:47 AM ----------
I can think of something else
I... (7 Replies)
Discussion started by: reaky
7 Replies
5. Shell Programming and Scripting
hi all,
I am new to unix and unix scipting. i need a script to logging into servers and to excute some commands in each server.
for eg :
I tried with below script ,but cant get the desired o/p. please help with this
for i in `cat serverlist`
do
echo $i
ssh $i uname -a ;
cat... (4 Replies)
Discussion started by: sudharson
4 Replies
6. UNIX for Advanced & Expert Users
There was an update in sudo 1.7.5 :
-The I/O log directory may now be specified in the sudoers file.
I am stuck using sudo 1.7.4p6. Because it is supported by HP on thier HP-UX builds.
Is there a process to change this directory in sudo 1.7.4p6?
currently sudo 1.7.4p6's default is... (3 Replies)
Discussion started by: trimike
3 Replies
7. UNIX for Dummies Questions & Answers
Hi,
Can you please give me a list of commands executed through 'sudo' command, thank you. (1 Reply)
Discussion started by: Dev_Dev
1 Replies
8. Programming
Is there a way to transfer my sudo password via ssh so that I can copy files remotely and pass them locally, so:
cat sudo-passwd-file|ssh -t user@10.7.0.180 'sudo find / -depth|cpio -oacv|gzip' > /path/to/dir/file.cpio.gz
I am in the process of a creating a script. Everytime I try and just... (16 Replies)
Discussion started by: metallica1973
16 Replies
9. Shell Programming and Scripting
Hi,
I am new to scripting. I am trying to write a script to ssh one remote machine and run a sudo command.
ssh <hostname> sudo -S <command> < ~/pass.txt
I am stored my password in pass.txt.
I am getting error
sudo: no tty present and no askpass program specified
Please suggest me how can... (1 Reply)
Discussion started by: venkia9
1 Replies
10. Solaris
Hi All
I have a requirement in which during sudo logging, I must get the year details also in sudo log file. As below output is not mentioning the year due to this I will not able to idenfiy that this log belong to 2012 or 2011 or 2010
Dec 12 11:30:21 XYZ sudo: user1 : TTY=pts/5 ;... (4 Replies)
Discussion started by: sb200
4 Replies