LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
Reload this Page who -T !!! NOTE: It shows who(individual id) is using what group id in which terminal
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices


Reply
  Search this Thread
Old 10-09-2008, 11:29 PM   #1
JATA01
Member
 
Registered: Nov 2007
Posts: 207

Rep: Reputation: 15
Exclamation who -T !!! NOTE: It shows who(individual id) is using what group id in which terminal

Any ideas! in case we can find, who changed a file on Linux.

Case: ~if there is a shared userid for ex: “giga” and you all know its passwd, then how can I check who actually changed the file (when he used this userid for changing that file).


Thanks-
 
Old 10-10-2008, 08:11 AM   #2
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,126
Blog Entries: 2

Rep: Reputation: 124Reputation: 124
If it's a terminal login you probably can't (unless you have some visual surveillance on the keyboard). If it was a remote login you can check the time of the file change against the logins (look at the output of last) and see where that login came from, this will give you a group of people since you'd need to check up on anyone who was logged into that id during the time frame the change occurred.
 
Old 10-14-2008, 09:42 AM   #3
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 234Reputation: 234Reputation: 234
Quote:
Originally Posted by JATA01 View Post
... Case: ~if there is a shared userid for ex: “giga” and you all know its passwd, then how can I check who actually changed the file (when he used this userid for changing that file).
...
This shared userid may be your fundamental security problem. Is it feasible for you to give each user his/her own log-in, “gigann”, for instance, & assign them all to a group named “giga”. You would maintain access control through group rather than user permissions, & have a better chance to get the accountability you want.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
the terminal shows -bash-3.2 tapan_chugh Linux From Scratch 10 10-19-2013 10:18 AM
What code in the terminal shows you the list of sockets? JBailey742 Linux - General 3 02-20-2008 09:16 PM
NTFS Raid0 on sil3112 shows up as individual drives?? kyle775 Linux - Hardware 3 10-18-2007 08:48 AM
Cannot Get into X11 as well as to terminal--Some Space error it shows covaigold Linux - Software 0 02-19-2005 09:24 AM
user and group ids - individual permissions? LooseCanon Linux - General 2 09-14-2003 12:57 PM

LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise

All times are GMT -5. The time now is 04:14 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration