command logging
Frank Kruchio
fkruchio at nz1.ibm.com
Tue Nov 8 20:40:14 UTC 2011
We are running RHEL5 x86_64 and RHEL4 (32 and 64 bit) servers mostly at
work and management like to trac every single command a user types.
So far we used rootsh but once a user types
sudo rootsh
sudo su - oracle
the oracle user commands are not logged any more.
Is there a way to trac/record a user to see what was typed using the audit
subsystem ?
We are considering the idea now to
> /etc/securetty
to lock root logins out
The goal is to not have any shared IDs at all and all users should be
identified on what they did on the servers if necessary.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20111109/f4aefcc3/attachment.htm>
More information about the Linux-audit
mailing list