Audit trail for root?
Ted Gould
ted at gould.cx
Wed Aug 1 16:52:19 MST 2007
On Wed, 2007-08-01 at 16:46 -0700, George Toft wrote:
> I am searching for a solution. Client company is looking for a means to
> track all commands issued by root. PowerBroker has already been
> excluded as it will cost over $1M to deploy. Product must be
> inexpensive and supported.
>
> I've researched this a bit already, and came up with sudoshell (no
> development since 2004) and modifying the bash source code and
> recompiling. Neither solution is acceptable.
>
> Any ideas?
Disable the root user and make all admins use sudo? I believe you can
disable the ability to do "sudo bash". It can be annoying to have all
your commands prefaced with "sudo", but any good admin can alias them.
--Ted
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20070801/b8e56f60/attachment.pgp
More information about the PLUG-discuss
mailing list