Location: Asia Pacific, Cyberspace, in the Dark Dystopia
Posts: 19,118
Thanks Given: 2,351
Thanked 3,359 Times in 1,878 Posts
Logging commands is a part of many packages, including ACL extensions. Your question is too general because you did not specify the OS.
Also, try the logfile options available in the sudoers configuration file and see if there is anything there to help you.
If you restrict the sudo configuration to a bare minimum number of commands per user, you should be ok with standard sudoers logging.
In other words, you should not give sudoers permission to use vi.
This is discussed in the sudo man page:
Quote:
CAVEATS
There is no easy way to prevent a user from gaining a root shell if that user has access to commands allowing shell escapes.
If users have sudo ALL there is nothing to prevent them from creating their own program that gives them a root shell regardless of any '!' elements in the user specification.
Running shell scripts via sudo can expose the same kernel bugs that make setuid shell scripts unsafe on some operating systems (if your OS supports the /dev/fd/ directory, setuid shell scripts are generally safe).
So... don't give users permissions to programs that allow shell escapes...... Heck, on our systems, no one is allowed to sudo... and if they were, they would be given very limited command privs.... (certainly not vi !)
Hi All
I have a requirement in which during sudo logging, I must get the year details also in sudo log file. As below output is not mentioning the year due to this I will not able to idenfiy that this log belong to 2012 or 2011 or 2010
Dec 12 11:30:21 XYZ sudo: user1 : TTY=pts/5 ;... (4 Replies)
Hi,
I am new to scripting. I am trying to write a script to ssh one remote machine and run a sudo command.
ssh <hostname> sudo -S <command> < ~/pass.txt
I am stored my password in pass.txt.
I am getting error
sudo: no tty present and no askpass program specified
Please suggest me how can... (1 Reply)
Is there a way to transfer my sudo password via ssh so that I can copy files remotely and pass them locally, so:
cat sudo-passwd-file|ssh -t user@10.7.0.180 'sudo find / -depth|cpio -oacv|gzip' > /path/to/dir/file.cpio.gz
I am in the process of a creating a script. Everytime I try and just... (16 Replies)
There was an update in sudo 1.7.5 :
-The I/O log directory may now be specified in the sudoers file.
I am stuck using sudo 1.7.4p6. Because it is supported by HP on thier HP-UX builds.
Is there a process to change this directory in sudo 1.7.4p6?
currently sudo 1.7.4p6's default is... (3 Replies)
hi all,
I am new to unix and unix scipting. i need a script to logging into servers and to excute some commands in each server.
for eg :
I tried with below script ,but cant get the desired o/p. please help with this
for i in `cat serverlist`
do
echo $i
ssh $i uname -a ;
cat... (4 Replies)
Dear friends
I'm looking for a solution to log all commands that users do in my RedHat box, and send it out to other remote server,
Is there any guide for that
Thanks
---------- Post updated at 04:20 AM ---------- Previous update was at 03:47 AM ----------
I can think of something else
I... (7 Replies)
I'm looking for a CLI utility that will capture all the commands you type at the Solaris CLI (and their output) into a file. I'm sure it's called "scripter", but I can't find anything on a command called scripter.
Does anyone know of a such a command?
Your help will be greatly... (3 Replies)
Hi all,
I have two problems, My system is SunOS 5.9:
1- I have installed sudo but I have a problem logging user activities on other hosts, the way I installed it is that I installed sudo and the sudoers file in a shared directory on a NFS server which is mounted by all computers on the... (1 Reply)