- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Who has su-ed as root?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-08-2008 07:43 AM
тАО04-08-2008 07:43 AM
I have a group of users who really needs to be root on machines.
I have created a user id for each user, and disable the root direct login in sshd_config. So what I want is the users log into the system with their owm userid and then su to root. But I want to create a root ssh_history file for each user, I mean, I want a file named something like .ssh_history_userid to be able to know who has issued a command on the system as root.
So my question is, how can I know in the moment of the su to root who has issued the su.
I hope I have been clear on my explanation...
Thanks in advance!!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-08-2008 07:47 AM
тАО04-08-2008 07:47 AM
Re: Who has su-ed as root?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-08-2008 07:50 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-09-2008 01:45 AM
тАО04-09-2008 01:45 AM
Re: Who has su-ed as root?
Mark Syder (like the drink but spelt different)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-09-2008 01:48 AM
тАО04-09-2008 01:48 AM
Re: Who has su-ed as root?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-09-2008 01:55 AM
тАО04-09-2008 01:55 AM
Re: Who has su-ed as root?
1. set the path variable to run the
vi sudo by using the command
#PATH=$PATH:/usr/local/sbin
#vi sudo
enter the user name to access as a
super user
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-09-2008 02:27 AM
тАО04-09-2008 02:27 AM
Re: Who has su-ed as root?
I know the sudo option, but I trust in these user's, no problem with them. I just want to know who do what.
The who am i option is the best solution to my question. Thanks to all for your comments.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-09-2008 04:23 AM
тАО04-09-2008 04:23 AM
Re: Who has su-ed as root?
so you can use it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-09-2008 07:44 AM
тАО04-09-2008 07:44 AM
Re: Who has su-ed as root?
I didn't do a lot of testing, but if I was logged in as myself, this detected the shell owner and worked. If you su to root after you have su'd to root, it can be defeated.
It is also defeated if you su (without the dash)
It will give you a start anyway.
############# snip
MYUSER=$(who -u |grep $PPID |awk '{ print $1 }')
if [ -n "$MYUSER" ];then
MYUSER=_$MYUSER
fi
HISTFILE=$HOME/.sh_history$MYUSER
############ snip done
Rob...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-09-2008 07:52 AM
тАО04-09-2008 07:52 AM
Re: Who has su-ed as root?
I did something similar to keep the IP and the user in the .profile of the root user:
USER=`who am i|awk '{print $1}'`
REG=`who am i|awk '{print $2}'`;VAR=`who -R | grep $REG | awk '{print $6}'| cut -d "(" -f 2 | cut -d ")" -f 1`
HISTFILE=${HOME}/.sh_history/.sh_history_$VAR"_"$USER