[Ilugc] keep track of super user activities
- From: steve@xxxxxxxxxxxx (steve)
- Date: Wed, 19 Dec 2012 21:20:22 +0530
On Wednesday 19 December 2012 02:46 PM, smal at ccmb.res.in wrote:
Hi All
How to keep track of super user login activities including file modification,
addition, deletion etc when the Administrator hands over the root password to
their colleague while on leave? The direct solution to this perplexing and
recurring issue remains to be solved evern after seeking help from public
forums. The solution is for CENTOS 6.0 and otehr linux flavours..
It is not advisable to share the root password with people whose actions you
feel the need to track. Use group definitions / sudo to limit define
groups/roles and the actions that are allowed for users in those groups.
That said, to do overall system auditing, take a look at the auditd daemon.
[pdf link]
http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf
Please read 2.6.2 for auditd -- and the entire document if you want to learn
how
to properly secure your system.
cheers,
- steve
with thanks in advance s.mahalingam
_______________________________________________ ILUGC Mailing List:
http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Other related posts: