nixCraft Linux Forum

nixCraft

Linux / UNIX Tech Support Forum

Many users can do 'sudo su', how to know who is who?

This is a discussion on Many users can do 'sudo su', how to know who is who? within the Networking, Firewalls and Security forums, part of the Mastering Servers category; Hi there, I've just received a server as herence on my work which have many users who can do 'sudo ...

Go Back   nixCraft Linux Forum > Mastering Servers > Networking, Firewalls and Security

Many users can do 'sudo su', how to know who is who? Many users can do 'sudo su', how to know who is who?

Linux answers from nixCraft.

Register FAQ Members List Social Groups Calendar Forgotten your password? Mark Forums Read

Networking, Firewalls and Security No it's not a secret. Talk about firewalls and security issues.

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 25-10-2008, 08:24 PM
permalac's Avatar
Member
User
  
Join Date: May 2008
Location: barcelona
OS: debian,opensuse,opensolaris,centos,fedora,backtrack
Posts: 36
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 0
permalac is on a distinguished road
Default Many users can do 'sudo su', how to know who is who?
Hi there, I've just received a server as herence on my work which have many users who can do 'sudo su', that's a problem from my point of view. How can I trace who is who when they do sudo su? thanks.
Reply With Quote
  #2 (permalink)  
Old 26-10-2008, 03:12 AM
rockdalinux's Avatar
Is that all you got?
User
  
Join Date: May 2005
Location: Planet Vegeta
OS: Redhat
Posts: 708
Thanks: 15
Thanked 19 Times in 18 Posts
Rep Power: 10
rockdalinux is a glorious beacon of light rockdalinux is a glorious beacon of light rockdalinux is a glorious beacon of light rockdalinux is a glorious beacon of light rockdalinux is a glorious beacon of light rockdalinux is a glorious beacon of light
Default
Use /var/log/auth.log file under Debian / Ubuntu to see sudo activity. Under Red Hat / CentOS / Fedora it is /var/log/secure file.
Code:
grep sudo /var/log/secure
grep username /var/log/secure
tail -f /var/log/secure
less /var/log/secure
__________________
Rocky Jr.
What's wrong? I hope I am not making you uncomfortable...

Never send a boy to do a mans job.
Reply With Quote
  #3 (permalink)  
Old 26-10-2008, 09:50 PM
permalac's Avatar
Member
User
  
Join Date: May 2008
Location: barcelona
OS: debian,opensuse,opensolaris,centos,fedora,backtrack
Posts: 36
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 0
permalac is on a distinguished road
Default
Quote:
Originally Posted by rockdalinux View Post
Use /var/log/auth.log file under Debian / Ubuntu to see sudo activity. Under Red Hat / CentOS / Fedora it is /var/log/secure file.
Code:
grep sudo /var/log/secure
grep username /var/log/secure
tail -f /var/log/secure
less /var/log/secure

fedora core 4, /var/log/secure.


But, from the log I only can know when they did 'sudo su', what I would like to know is what they do after that.
Reply With Quote
Reply

Tags
grep , less command , sudo , tail , var+log+secure

« Slow arp and route output - network issue? | Syslog redirect »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads

Thread Thread Starter Forum Replies Last Post
sudo senthil6face Linux software 2 22-08-2008 03:25 PM
disable sftp users raudisir Networking, Firewalls and Security 3 13-05-2008 05:06 PM
sudo and apache txt3rob Web servers 1 18-04-2008 11:30 PM
different php.ini for different virtual users kasimani Web servers 1 15-04-2008 02:17 PM
Ldap and non-local users bdptcob Linux software 1 15-02-2008 01:34 AM


All times are GMT +5.5. The time now is 08:02 PM.

Contact Us - nixCraft Home - Archive - Privacy Statement - Terms of Service - Top

Powered by vBulletin® Version 3.8.5 - Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.3.2
©2005-2010 nixCraft. All rights reserved

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38