For auditing purposes, it can be useful to know who switched to the root user, or from root to another user. You can find this information in the /var/adm/sulog file. Here's an example of its contents.
# cd /var/adm
# more sulog | more
SU 05/27 22:29 + pts/5 root-esofthub
SU 05/27 22:59 + pts/9 root-topbloglists
SU 05/29 23:45 + pts/6 esofthub-root
SU 05/29 23:46 + pts/6 root-freeadlists
SU 05/29 23:49 + pts/6 root-esofthub
SU 05/30 22:02 + pts/6 root-freeadlists
SU 05/30 22:14 + pts/3 esofthub-root
SU 06/02 19:40 + pts/3 root-esofthub
SU 06/02 19:44 + pts/3 esofthub-root
SU 06/16 23:37 + pts/3 root-esofthub3
SU 06/17 20:57 + pts/8 root-esofthub
SU 06/17 21:12 + pts/8 esofthub-root
SU 06/22 20:31 + pts/7 root-freeadlists
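For a quick audit pass over this file, the sketch below (an added example, not part of the original post) lists failed su attempts and successful switches to root, with per-user counts. It relies on the sulog convention that `+` marks a successful su and `-` a failed one; the function names and the sample lines are constructed for illustration, and the from-to field is split at the first hyphen, so a source username containing a hyphen would be misparsed.

```shell
#!/bin/sh
# Added example: summarise sulog entries read from stdin.
# Line format as shown on the page: SU MM/DD HH:MM FLAG TTY FROM-TO
# FLAG "+" = successful su, "-" = failed su.

sulog_report() {
    awk '
    $1 == "SU" && NF == 6 && ($4 == "+" || $4 == "-") {
        # Split FROM-TO at the first hyphen (assumes FROM has no hyphen).
        i = index($6, "-")
        if (i < 2) next
        from = substr($6, 1, i - 1)
        to   = substr($6, i + 1)
        if ($4 == "-") {
            # Failed attempts are the entries an auditor looks at first.
            printf "FAILED %s %s %s %s->%s\n", $2, $3, $5, from, to
            failed[from]++
        } else if (to == "root" && from != "root") {
            printf "TO_ROOT %s %s %s %s\n", $2, $3, $5, from
            toroot[from]++
        }
    }
    END {
        for (u in toroot) printf "SUMMARY %s to_root=%d\n", u, toroot[u]
        for (u in failed) printf "SUMMARY %s failed=%d\n", u, failed[u]
    }'
}

# Constructed sample in the same format (not real log data).
sample_sulog() {
    cat <<'EOF'
SU 05/29 23:45 + pts/6 esofthub-root
SU 05/29 23:49 + pts/6 root-esofthub
SU 05/30 22:14 - pts/3 guest1-root
SU 05/30 22:15 - pts/3 guest1-root
SU 05/30 22:16 + pts/3 esofthub-root
EOF
}

sample_sulog | sulog_report
```

To run it against the live file, use `sulog_report < /var/adm/sulog` as a user with read access to the log.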