Date: Thu, 4 Apr 2002 10:11:02 -0500 From: "Galella, Anthony" <anthony.galella@intel.com> To: "'Rob B'" <rbyrnes@ozemail.com.au>, "Galella, Anthony" <anthony.galella@intel.com> Cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org> Subject: RE: verbose logging of root? Message-ID: <59F55CE047A6D51196360002A534A4AC3703E7@pysmsx102.py.intel.com>
next in thread | raw e-mail | index | archive | help
Unfortunately sudo won't help in this situation. There is a "backup" sysadmin here that has root access in case I am not available. He is learning, but I want to be able to track everything he does as root in order to know exactly what is happening on the system. Case in point: he chown'd and chmod'd a whole directory structure, causing loss of access for users. I found the problem, and fixed it, but if I could track what he did in the logs, I could be aware of these things before users are (hopefully):) Anthony J. Galella anthony.galella@intel.com -----Original Message----- From: Rob B [mailto:rbyrnes@ozemail.com.au] Sent: Wednesday, April 03, 2002 8:51 PM To: Galella, Anthony Cc: 'freebsd-questions@freebsd.org' Subject: Re: verbose logging of root? At 03:06 4/04/2002, Galella, Anthony sent this up the stick: >This is more of a Un*x question rather than FBSD specific. > >Is it possible to do extremely verbose logging of all everything done by >root for security purposes? > > >We ssh to the server and I can make ssh do verbose logging, but that logs >every user, I just need to log from the point someone su's to root. This is not a *direct* answer to your question, but an alternative suggestion. Rather than letting users su to root, why not use a tool such as sudo (/usr/ports/admin/sudo)? sudo will log every command, and has an extensive permissions system in it's conf file. sudo also prevents every user who needs root permissions from knowing the root password, they simply use their own password. sudo also logs any unauthorised usage. Cheers, Rob -- Hey, go buy a plane ticket to another state of mind, okay? [15200.8 km (8207.8 mi), 262.8 deg](Apparent) Rennerian This is random quote 504 of a collection of 1223 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?59F55CE047A6D51196360002A534A4AC3703E7>