HPE Community
Operating System - HP-UX
1847611 Members
3415 Online
110265 Solutions
New Discussion

Re: audit users actions

 
Nabil Boussetta
Frequent Advisor

‎10-30-2005 10:00 PM

‎10-30-2005 10:00 PM

audit users actions

i'd like to audit users actions. should i convert my system to a trusted system ?
0 Kudos
Reply
10 REPLIES 10
GGA
Trusted Contributor

‎10-30-2005 10:08 PM

‎10-30-2005 10:08 PM

Re: audit users actions

hello
u have many advantages if u are convert to the trusted system


look this link too:
http://docs.hp.com/en/B2355-90121/index.html
regrads gga
0 Kudos
Reply
RAC_1
Honored Contributor

‎10-30-2005 10:14 PM

‎10-30-2005 10:14 PM

Re: audit users actions

You will have to.
When you convert to trusted mode all passwords will expire. To take care of this do /usr/lbin/modprpw -V

If you use SAM to convert to trusted mode, you do need to use /usr/lbin/modprpw -V
There is no substitute to HARDWORK
0 Kudos
Reply
Nabil Boussetta
Frequent Advisor

‎10-30-2005 10:25 PM

‎10-30-2005 10:25 PM

Re: audit users actions

is there some disadvantage when converting to a trusted system.
why HP don't give this functionnality by default ?
0 Kudos
Reply
RAC_1
Honored Contributor

‎10-30-2005 10:33 PM

‎10-30-2005 10:33 PM

Re: audit users actions

There is a very little overhead when converted to trsuted mode. Why HP does not give this a as default will have amny answers.

For you information, with 11i V2 next realease trusted mode will be oboletet. It is being replaced by trusted security extension product. (or something smimilar. Look/search at hp)
There is no substitute to HARDWORK
0 Kudos
Reply
GGA
Trusted Contributor

‎10-30-2005 10:37 PM

‎10-30-2005 10:37 PM

Re: audit users actions

hello
there is "more" administrative task to do

regrads gga
0 Kudos
Reply
Nabil Boussetta
Frequent Advisor

‎10-30-2005 10:54 PM

‎10-30-2005 10:54 PM

Re: audit users actions

someone tells me that you C compiler and graphical interface will not function.

is that true ?
0 Kudos
Reply
RAC_1
Honored Contributor

‎10-30-2005 10:59 PM

‎10-30-2005 10:59 PM

Re: audit users actions

Almost everything will function as it is. Some applications that depend on getpwent may be needed to adjust. Now they should be maing getpwnam sys call.
There is no substitute to HARDWORK
0 Kudos
Reply
DCE
Honored Contributor

‎10-31-2005 01:56 AM

‎10-31-2005 01:56 AM

Re: audit users actions

If you want to audit user actions, then converting to trusted mode will allow you to do that.

After you convert to trusted mode you will have to activate the auditing - you can do this via SAM or the command line. Be aware that auditing can, and usually does, consume large amounts of disk space for the log files.

One more note - when you convert to trusted mode, any user password over 8 charactors will be truncated.
0 Kudos
Reply
Rick Garland
Honored Contributor

‎10-31-2005 02:20 AM

‎10-31-2005 02:20 AM

Re: audit users actions

There is a utility that can work in conjunction with sudo. This utility is called 'rootsh' Have the users invoke rootsh via sudo commands and there will be a keystroke-by-keystroke log file with the output of user's commands.


0 Kudos
Reply
Geoff Wild
Honored Contributor

‎10-31-2005 02:55 AM

‎10-31-2005 02:55 AM

Re: audit users actions

One of the reasons Trusted System isn't the default - is that it is supported by some third party apps.

Example - we use a a central managemanet system for controlling access to all our systems - whether they are HP, IBM, Sun or Linux.

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.