Re: log all activity of a special user?

_at_@zzeenn..ccoo.uukk
Date: 05/04/04

  • Next message: Coward_Today_: "Re: What is this port 0 traffic, pls?"
    Date: Tue, 04 May 2004 18:03:41 +0100
    
    

    Florian Wolters wrote:
    > hi!
    >
    > is there any possibility to log all activity on the console of a special
    > user?
    > i just want to see averything th euser does on the console...
    > tnx for any hints
    >
    >
    > flo

    I don't know how feasible this is but would it be possible to cause the
    system concerened to run '/usr/bin/script' in some way when the user
    loggs on pointing it to a log file in a secure location. that way, eaven
      if they 'su -' it will capture the input and output of the console
    (including stderr i believe) and save it to a specified file.
    An example is below although I'm not sure how you would specifically set
    it up and the size of the captured file is

    a quick check with the command:-

    [xeon@baseline documents]$ script --help
    script: invalid option -- -
    usage: script [-a] [-f] [-q] [-t] [file]
    [xeon@baseline documents]$ whereis script
    script: /usr/bin/script /usr/share/man/man1/script.1.gz
    [xeon@baseline documents]$ script dum
    Script started, file is dum
    [xeon@baseline documents]$ su -
    Password:
    [root@baseline root]# ls
    amsn_received install.log sound
    anaconda-ks.cfg install.log.syslog test.sh
    Desktop lfs5-chroot XConf.old
    fglrx-glc22-4.3.0-3.7.0.i386.rpm lfs-chroot.sh XF86Config
    findwin.e NVIDIA-Linux-x86-1.0-4363
    IBMFLASH NVIDIA-Linux-x86-1.0-4363.run
    [root@baseline root]# top

      17:53:15 up 2 days, 10:52, 5 users, load average: 0.12, 0.15, 0.12
    77 processes: 75 sleeping, 1 running, 1 zombie, 0 stopped
    CPU0 states: 15.0% user 5.0% system 0.0% nice 0.0% iowait 78.0%
    idle
    CPU1 states: 0.0% user 5.0% system 0.0% nice 0.0% iowait 94.0%
    idle
    Mem: 512792k av, 506264k used, 6528k free, 0k shrd, 43748k
    buff
                         375800k actv, 28k in_d, 10604k in_c
    Swap: 1052248k av, 338020k used, 714228k free 165948k
    cached

    <<output of top snipped>>

    [root@baseline root]# exit
    logout
    [xeon@baseline documents]$ ls
    dum from Anton morn.at music uplink_XMMS.zip uplink.zip
    [xeon@baseline documents]$ exit
    Script done on Tue 04 May 2004 17:53:21 BST
    [xeon@baseline documents]$cat dum

    <<output of script file snipped to avoid unnesscasary duplication>>


  • Next message: Coward_Today_: "Re: What is this port 0 traffic, pls?"

    Relevant Pages

    • most secure way to start root session without requiring password
      ... On my laptop running linux I want a root window (a copy ... addition to the normal windows I have up on that console. ... and I've copied that script over to my new ...
      (comp.os.linux.setup)
    • Re: most secure way to start root session without requiring password
      ... addition to the normal windows I have up on that console. ... However, previously, I either did something to the script (made it ... setuid with a user name of root) or did something with my pam ...
      (comp.os.linux.setup)
    • launching wish from tclsh
      ... console interface (tclsh) in place of a gui interface for input of test ... So, I proceeded creating a tcl script that, running from Tclsh, gets ... If I open a Tclsh console and I manually try to launch wish console ...
      (comp.lang.tcl)
    • Re: javaldx failed.
      ... mozilla start from default fails, ... error message. ... console in the icewm window but I resolved this for the console window ... get script ...
      (Debian-User)