User administration

Thread Tools Search this Thread
Top Forums Shell Programming and Scripting User administration
# 1  
Old 07-22-2011
User administration

Dear All,

I need to restrict the users in our server.

1.History & history -c command working all groups & others.So i need to restrict history -c option for groups & others .

2.Any option available to view user activity with all[username, time stamp, command name etc]
Eg--->user1 Jul22 10:20:11 date

3.Any other Special restriction if you have please reply me
# 2  
Old 07-22-2011
First of all, what shell are you using?

Ad 1. For bash, there is a HISTFILE env var, that is usually set to ~/.bash_history, and thus is kept separate for each user. It sounds like your history file is shared among users...

Ad 2. I don't have a specific way of how to accomplish this fine granularity of logging, but some ideas that you could further follow:
- Try to set up ~/.bash_logout to append $HISTFILE to some global history file.
- Set up a trap (in e.g. /etc/profile) that gets executed when user logs out and harvest history this way:
trap 'cat $HISTFILE >> /tmp/hist.all ;exit 0' 0

- use 'w' command to get an idea of who's logged in and what they are doing, from cron

Disabling erasing of history -- first I though that could be done through /etc/sudoers, but history is a builtin....

Sorry I am not of more help, but I thought I might help with some brainstorming...
# 3  
Old 07-22-2011
Further to mirni, what Operating System and version are you running?
Please also post the output from:
type history

# 4  
Old 07-23-2011
Originally Posted by methyl
Further to mirni, what Operating System and version are you running?
Please also post the output from:
type history

[root@server ~]#echo $HISTFILE

[root@server ~]# type history
history is a shell builtin
# 5  
Old 07-23-2011
Hmm... It seems that HISTFILE is set to ~/.bash_history, as by default.
And you are saying that all users can see each other's history? Can you please double check on this?
I mean, since root's history file is /root/.bash_history, no other user has read permissions for that.

Can you please log in as a non-root user and post the output of

for this user.
# 6  
Old 07-25-2011
Thanks mirni,

I got conclusion for that deleting history.The output shown for root user like this & other user can't view this $cat /root/.bash_history

vim /home/admin1/.bash_history
cat /home/admin1/.bash_history
history -a

One more doubt

i already export the history format is export HISTTIMEFORMAT='%F %T '[with date & month] & i got the output like this

1019 2011-07-25 19:41:47 cat /root/.bash_history
1020 2011-07-25 19:42:29 echo $HISTFILE
1021 2011-07-25 19:48:48 cat /root/.bash_history
1022 2011-07-25 19:51:52 history
what is my doubt is any possible to view the other user access with date through history.I tried to view particular user access like admin1 for cat /home/admin1/.bash_history .It shown output like this only

mkdir test1
mkdir testnew
cd /var/backup/
mkdir demo
>> But unable to view date & time.please guide this
# 7  
Old 07-25-2011
The integer is the epoch time. If you have gawk, then this should change it to Y-M-D m:S format:
$ echo  1311602876 | awk '{print strftime("%Y-%m-%d %M:%S",$0)}'
2011-07-25 07:56

Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. AIX

AIX user administration - queue management

Dear All Please how can I create a user which would be only able to manage queue printer like creating, release, hold etc a printer queue. He would for example be able to enter commands like : - lpstat -pprintqueue where printqueue is an existing queue on the server - enable printqueue... (0 Replies)
Discussion started by: sobnc
0 Replies

2. Solaris

Zone administration

hi frnds I created sparse root zone, in that zone when i try to change the passwd it is giving permission denied. what is the reason and how to chnage the root passwd in the zone. can u please explain the query. (4 Replies)
Discussion started by: sravan ega
4 Replies

3. Solaris

Solaris User Administration

unable to run smgroup / smadd command to create or modify the users and directories. (1 Reply)
Discussion started by: sendhils13
1 Replies

4. Solaris

Solaris User Administration

Hi All..... How many maximum no of users can be created in solaris 10.0 Waiting for the reply ..... (2 Replies)
Discussion started by: sendhils13
2 Replies

5. Solaris

user administration

hi ' i am creating a primary group and a secondary group for a user. #groupadd -g 101 test #groupadd -g 102 test1 #useradd -d /export/home/user1 -m -s /bin/ksh -g test -G test user1 in /etc/passwd i can find the username as user1 and group name as test and where can i find the... (4 Replies)
Discussion started by: madhudeepan
4 Replies

6. UNIX for Dummies Questions & Answers

Tru64 User administration

Hey guys how do you check if an account is locked in tru64, and how do you unlock it? (1 Reply)
Discussion started by: sbn
1 Replies

7. UNIX for Dummies Questions & Answers

User Administration

I have an application that runs on Unix and the user administration is managed at a Unix level. The application has an application ID which is linked to the user ids which are created at Unix level. Can you please help if I can be able to track which user used the Application ID and what action was... (0 Replies)
Discussion started by: Kopano
0 Replies

8. Solaris

remote user administration

Hello, I inhearited several solaris machines (read that about 30 of them) and have a need to be able to manage the user accounts remotely.... Currently the machines all have the same users but not exactly the same spelling (each machine was locally managed before and thus every single passwd/shadow... (2 Replies)
Discussion started by: wgriffin
2 Replies
Login or Register to Ask a Question