Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

audit user commands of different users under root account

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users audit user commands of different users under root account
# 1  
Old 06-18-2010
audit user commands of different users under root account
Hi,

I would like to know if there is anyway that I can pinpoint the user before/after he connects to the root? Also, I'm trying to find out what are the commands he inputs under root access.
# 2  
Old 06-18-2010
Check if your OS has any auditing facilites that might provide something like this.
It might be also interessting to enable an su log - on Linux for example it is /etc/login.defs enabling some SU related variables that might write for example /var/log/sulog for new logins. It will at least show when which user su'ed.
# 3  
Old 06-21-2010
Can you suggest any auditing facility that I may use wherein I can pinpoint the root user and the commands he/she inputs? Also, is possible to automate that system's auditing process?
# 4  
Old 06-22-2010
For what operating system and version?
# 5  
Old 06-22-2010
I'm currently using Ubuntu version 6.06
# 6  
Old 06-24-2010
Hi

user this command :

history

it will display the command history but i am not sure in ubuntu it will be

for all users or for the current user

also you can save the output for this command

history > output.txt

Best Regards
# 7  
Old 06-24-2010
Google tells there is an auditd for Ubuntu/Debian etc. that should be what you are looking for.
If you want more info, use following strings in google: ubuntu auditing
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Not able to switch to other users using su -user from root

Hi all, I have a small problem. When I log in as root and try to switch to any other user using su -user, then it is giving an error saying libncurses.so permission denied. Can you help me? Thank you in advance. Sai. (1 Reply)
Discussion started by: sai2krishna
1 Replies

2. SuSE

Allow multiple users to run several root commands

I am using SUSE Linux Enterprise Server 10 SP2 (i586) and I had earlier ammended my sudoers file to allow users to become root user with "sudo su - " command Now I am trying to add multiple users to the sudoers file to run several commands such as restarting the server, restarting the nagios... (9 Replies)
Discussion started by: hedkandi
9 Replies

3. Solaris

How to see the root information from user loging account?

Hi friends when ever user tried to loging to the server from the user account.we can see the from who -u command.this was fine shut@erpqas $ who -u ipadmin pts/1 Mar 18 16:05 old 157 (10.5.23.74) ipadmin pts/3 Mar 19 08:29 old 11076 ... (3 Replies)
Discussion started by: tv.praveenkumar
3 Replies

4. Red Hat

startx by non-root user account in red hat linux kernel 2.6

How can I use the command "startx" by other user account such as "oracle" ?? I cannot startx by user account oracle ?? How to fix it ??? Any adivce ??? I use red hat linux kernel 2.6 $ startx Fatal server error: PAM authentication failed, cannot start X server. Perhaps you do... (0 Replies)
Discussion started by: chuikingman
0 Replies

5. UNIX for Dummies Questions & Answers

How to allow access to some commands having root privleges to be run bu non root user

hi i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies

6. Debian

password less login to root from a user account

hello friends, one user is created named "user1" I login as "user1" . Now when i do "su -" to be root user I have to give password for root . Is there any way through which we can skip giving the password to root. i.e. user1@work:~$ su - Password: xxxxxx work:~$ I don't want that... (1 Reply)
Discussion started by: pradeepreddy
1 Replies

7. HP-UX

user commands without root access

Hi I have been asked to find out how to 1) create users 2) reset passwords 3) kill processes that may require root privileges without having root password, sudo rights or rights to passwd command Any ideas? Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies

8. UNIX for Dummies Questions & Answers

How to reactivate expired account in Linux as a root user

I am an administrator of a Red Hat Enterprise Linux system. Now one account expired. I wonder how to reactivate the account. Thanks (2 Replies)
Discussion started by: cy163
2 Replies

9. UNIX for Dummies Questions & Answers

Modify Root user account ?

How can I modify Root account ? (I want to change the default shell after logging in) Thanks (3 Replies)
Discussion started by: hitlermom
3 Replies

10. UNIX for Dummies Questions & Answers

create or modify user account to have same access as root

Is there a way to create or better yet modify a user account so it has the same privs as root? (6 Replies)
Discussion started by: xadamz23
6 Replies
Login or Register to Ask a Question