Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Logging all commands after a sudo su-
Top Forums UNIX for Advanced & Expert Users Logging all commands after a sudo su- Post 31426 by linuxmtl on Thursday 7th of November 2002 01:29:02 PM
Old 11-07-2002
Question Logging all commands after a sudo su-
Hi there,

It might seem tricky, I confess.

We use sudo to allow people to initiate priviledged commands (but not all commands) on our Unix systems.

To by pass this, some people initiate the sudo su - command ;

The main issue is to 'know' what those people do when they gain root access.

Is there a way to have a log of all commands done by a user whent they have gained root access? This way, we could at least know what they do.

Regards,
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

sudo logging + NFS hang?

Hi all, I have two problems, My system is SunOS 5.9: 1- I have installed sudo but I have a problem logging user activities on other hosts, the way I installed it is that I installed sudo and the sudoers file in a shared directory on a NFS server which is mounted by all computers on the... (1 Reply)
Discussion started by: neked
1 Replies

2. Solaris

Logging commands and output

I'm looking for a CLI utility that will capture all the commands you type at the Solaris CLI (and their output) into a file. I'm sure it's called "scripter", but I can't find anything on a command called scripter. Does anyone know of a such a command? Your help will be greatly... (3 Replies)
Discussion started by: soliberus
3 Replies

3. HP-UX

sudo or su logging

Jul 14 08:02:40 servera sshd: Accepted keyboard-interactive/pam for someuser from x.x.x.x port 1406 ssh2 Jul 14 08:02:48 servera su: - 1 someuser-root Jul 14 08:03:03 servera sudo: someuser : TTY=pts/1 ; PWD=/home/someuser ; USER=root ; COMMAND=/usr/bin/su - Jul 14 08:03:03 servera su: + 1... (3 Replies)
Discussion started by: Ikon
3 Replies

4. Cybersecurity

Logging shell commands and send it out

Dear friends I'm looking for a solution to log all commands that users do in my RedHat box, and send it out to other remote server, Is there any guide for that Thanks ---------- Post updated at 04:20 AM ---------- Previous update was at 03:47 AM ---------- I can think of something else I... (7 Replies)
Discussion started by: reaky
7 Replies

5. Shell Programming and Scripting

logging into server and excute commands

hi all, I am new to unix and unix scipting. i need a script to logging into servers and to excute some commands in each server. for eg : I tried with below script ,but cant get the desired o/p. please help with this for i in `cat serverlist` do echo $i ssh $i uname -a ; cat... (4 Replies)
Discussion started by: sudharson
4 Replies

6. UNIX for Advanced & Expert Users

change io logging directory sudo 1.7.4p6

There was an update in sudo 1.7.5 : -The I/O log directory may now be specified in the sudoers file. I am stuck using sudo 1.7.4p6. Because it is supported by HP on thier HP-UX builds. Is there a process to change this directory in sudo 1.7.4p6? currently sudo 1.7.4p6's default is... (3 Replies)
Discussion started by: trimike
3 Replies

7. UNIX for Dummies Questions & Answers

sudo commands list

Hi, Can you please give me a list of commands executed through 'sudo' command, thank you. (1 Reply)
Discussion started by: Dev_Dev
1 Replies

8. Programming

Using Commands over SSH using Sudo

Is there a way to transfer my sudo password via ssh so that I can copy files remotely and pass them locally, so: cat sudo-passwd-file|ssh -t user@10.7.0.180 'sudo find / -depth|cpio -oacv|gzip' > /path/to/dir/file.cpio.gz I am in the process of a creating a script. Everytime I try and just... (16 Replies)
Discussion started by: metallica1973
16 Replies

9. Shell Programming and Scripting

How to run sudo commands under a script?

Hi, I am new to scripting. I am trying to write a script to ssh one remote machine and run a sudo command. ssh <hostname> sudo -S <command> < ~/pass.txt I am stored my password in pass.txt. I am getting error sudo: no tty present and no askpass program specified Please suggest me how can... (1 Reply)
Discussion started by: venkia9
1 Replies

10. Solaris

Sudo logging need year details also

Hi All I have a requirement in which during sudo logging, I must get the year details also in sudo log file. As below output is not mentioning the year due to this I will not able to idenfiy that this log belong to 2012 or 2011 or 2010 Dec 12 11:30:21 XYZ sudo: user1 : TTY=pts/5 ;... (4 Replies)
Discussion started by: sb200
4 Replies

LEARN ABOUT OPENSOLARIS

gksu

GKSU(1) 						      General Commands Manual							   GKSU(1)

NAME

       gksu - a Gtk+ su frontend

SYNOPSIS

       gksu [ options ] <command>
       gksudo [ options ] <command>

DESCRIPTION

       This manual page documents briefly gksu and gksudo

       gksu  is  a frontend to su and gksudo is a frontend to sudo.  Their primary purpose is to run graphical commands that need root without the
       need to run an X terminal emulator and using su directly.

OPTIONS

       These programs follow the usual GNU command line syntax, with long options starting with  two  dashes  (`-').   A  summary  of  options	is
       included below.

   Common Options:
       --user <user>, -u <user>

	      Calls <command> as the specified user

       --message <message>, -m <message>

	      Replaces the standard message shown to ask for password for the argument passed to the option

       --sudo-mode, -S

	      Use  sudo  instead  of  su as backend authentication system. Notice that the X authorization magic will not work when using sudo for
	      target users other than root.

       --title <title>, -t <title>

	      Replaces the default title with the argument

       --icon <icon>, -i <icon>

	      Replaces the default window icon with the argument

       --print-pass, -p

	      Asks gksu to print the password to stdout, just like ssh-askpass. Useful to use in scripts with programs that accept  receiving  the
	      password on stdin.

       --disable-grab, -g

	      Disables the "locking" of the keyboard, mouse, and focus done by the program when asking for password

       --ssh-fwd, -s

	      Strip the host part of the $DISPLAY variable, so that GKSu will work on SSH X11 Forwarding.

       --login, -l

	      Makes  this a login shell. Beware this may cause problems with the Xauthority magic. Run xhost to allow the target user to open win-
	      dows on your display! This is ignored if running with sudo as backend for authentication.

       --preserve-env, -k

	      Preserve the current environments, does not set $HOME nor $PATH, for example.

FILES

       /etc/gksu.conf
	      Configuration file to setup system-wide defaults for gksu/gksudo.  It provides an option to force the display grabing, also.

RETURN VALUE

       On success, gksu will return 0. If an authentication error ocurred, it will exit with error code 3. If the  user  canceled  the	dialog	or
       closed the window, it will return error code 2. On other error conditions, gksu will return 1.

NOTE

       Note that <command> and all its arguments should be passed as one single argument to gksu just like one would to when using su.

SEE ALSO

       su(1), gksuexec(1).

AUTHOR

       This manual page was written by Gustavo Noronha Silva <kov@debian.org> for the Debian GNU/Linux system (but may be used by others).

								       2003								   GKSU(1)
All times are GMT -4. The time now is 04:43 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy