l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
November 4: Social gathering
Next Installfest:
TBD
Latest News:
Oct. 24: LUGOD election season has begun!
Page last updated:
2003 Apr 13 10:59

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] Question from a new Unix/ Linux user
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] Question from a new Unix/ Linux user



> I have a unix account(&& I'm not the superuser). I'll
> like to write a small routine that keeps track on
> anyone that logs in my account. Can anyone give me an
> idea on how to implement it. (It is set to 700).
> Thanx a zillion 4 any help!!

Tricky. If you trust the other user to not modify your resource files,
then you could add entries to your shell "rc" files to mail you when a
person is using the account, or dumps the login into a file.

Also, if your account uses bash as the default shell, and you trust the
user of the account to notuse a different shell or modify your shell's
".rc" files, then you could also add a new file ~/.bash_logout that
e-mails you a copy of the ~/.bash_history to see what was done in the
session, and when the session ended (complimenting the first suggestion.)

However, you mention that you want to "keep track" of anyone loggin into
the account. This is often considered to be one of the three main parts of
computers security (tracking/logging/reporting). This suggests that you
are concerned with the security of the account, and do not trust the users
tthat may use your account.

Without having the support of the super user (and trusting the super user)
there are not many (any?) things that you can implementment with your own
UID/GID that cannot be "undone" by another user who uses your account.

Even use of the shell "rc" files can be bypassed if the user "su" to your
account from theirs and chooses to not process your shell rc files. From
there, they could modify your rc files to remove the above changes and
then login to your account with "su -" or ssh or ??? and the
tracking/logging is lost.

If you *just* want to see when the account was used, you can check out the
command called "last". This tracks login/logout with the wtmp file/db.
However, even this is not fully reliable for tracking sessions. Use of
"screen" permits the user the grab other tty, and these other tty's being
used are often not logged to wtmp. Also, "last" (with wtmp) often does not
track users "su"-ing from other accounts.

If you do not trust the users using the account, then you really would
need the support of the superuser. They can set up logging and tracking
(process accounting, etc) to keep track of what is done, and make sure
that users can't alter the logged data (unless the user gains admin
access.)

Hope you can find an answer to use here,
-ME

_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.