<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1400" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><SPAN class=040483018-01062004><FONT face=Arial color=#0000ff size=2>My
immediate response would be to let them have sudo as the common account
user, and not su. If more than one user can su at a time then if there are
more than one operating as that user then you still won't know who was
responsible for what. However if you make them sudo as the user to do the
things they need to do then you always know who did what...</FONT></SPAN></DIV>
<DIV><SPAN class=040483018-01062004><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=040483018-01062004><FONT face=Arial color=#0000ff
size=2>Regards,</FONT></SPAN></DIV>
<DIV><SPAN class=040483018-01062004><FONT face=Arial color=#0000ff
size=2>Drew</FONT></SPAN></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Ted Beaton
[mailto:tbeaton@plansysit.com]<BR><B>Sent:</B> Tuesday, June 01, 2004 2:29
PM<BR><B>To:</B> redhat-list@redhat.com<BR><B>Subject:</B> Login
Restrictions<BR><BR></FONT></DIV>
<DIV><FONT face=Arial size=2>I have an application running on a Redhat 9
machine that requires being run by a certain user. I also have security
requirements that necessitate logging the actions of all users logged into the
system so I can't have two different people log in with the same user
name. Then I won't know who is doing what on the system. What I
would like to do is have a separate user account for each person and then
require them to su to the common user account that needs to run the
application. Then I can track the individual logins and know who su'd to
the common account and when they did it. Does anyone know how to disable
logins to the common user account while still allowing the account to be
functional for when people need to su to it?</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Thanks in advance,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Ted</FONT></DIV></BLOCKQUOTE></BODY></HTML>