Root audit

Dirk Moolman DirkM
Sun Jul 1 12:23:56 PDT 2007 

-----Original Message-----
From: linux-users-bounces at linux-sxs.org
[mailto:linux-users-bounces at linux-sxs.org] On Behalf Of David Bandel
Sent: 01 July 2007 06:07 PM
To: Linux tips and tricks
Subject: Re: Root audit

On 7/1/07, Dirk Moolman <DirkM at agilitytech.co.za> wrote:
> I need some help.  I would like to audit specific accounts on my linux
> servers. I know you can see the keyboard history, from files like
> .bash_history, etc.
>
> Is it also possible to see for example, files that users updated on
the
> system ?  ..... or if they changed network settings ?
>
> For example, let's say you were forced to give someone the root
> password, and you want to trace what they did on the system - can this
> be done ?
>


>Just make root run 'script' on each login.  If the script file carries
>a datetime on the suffix, several users can login as root and each
>will have his own script file.

>David A. Bandel


Thank you, I will play around with this a bit. I see when you run
script, it takes you into a sub-shell.  I'll see if I can stick it into
the profile before setting up the environment.

Dirk



*** Disclaimer ***

The information contained in this e-mail is confidential and legally privileged and is intended solely for the addressee and to others who have the authority to receive it. Access to this e-mail by anyone else is unauthorized and as such, any disclosure, copying, distribution or any action taken or omitted in reliance on it is unlawful. If you have received this e-mail in error, please notify the sender immediately.

The views expressed in this e-mail are the views of the individual sender and should in no way be construed as the views of the Company.

The Company is not liable to ensure that outgoing e-mails are virus-free.

The Company is not liable, should information or data, for whatever reason, be corrupted or fail to reach its intended addressee.

The Company is not liable for any loss or damage of whatsoever nature and howsoever arising resulting from the opening or the use of the information in this e-mail, including its attachments and links.

The sender of this e-mail is subject to and bound by the terms and conditions of Company+IBk-s Electronic Communications Usage Policy.

More information about the Linux-users mailing list