LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   How can I acomplish this ? (http://www.linuxquestions.org/questions/linux-security-4/how-can-i-acomplish-this-813048/)

turalo 06-09-2010 02:46 AM

How can I acomplish this ?
 
Hy everyone, I have a question about a kind of a logger for my debian.
I have a little project, where I'm teaching my collegs basics of the linux. so they will get a clean installed debian, with only ssh acces,
they must then do few basic things like aditing with vi, locating files etc...
what I want to do is to log all they do, so after they login to the system, everything they do, must be logged sothat I can see where they made mistakes, like for example what they typed, what they copied, what they uploaded or downloaded, etc... all handlings must be in a log.

anybody know how can I do this ?

thanks in advance...

EricTRA 06-09-2010 03:40 AM

Hello,

Have a look at process accounting (pacct). I believe it'll do just what you need.

Kind regards,

Eric

turalo 06-09-2010 05:19 AM

any other options ?

EricTRA 06-09-2010 05:25 AM

Hi,

What you could do, if you feel reluctant to pacct, is write you own script to 'synchronize' the history files of the users. That way you'll have a copy of what they have done. Or you could install and configure Unison File Synchronizer to do the same thing for you. But then you'll have to learn about Unison. Either way you'll have to put in some time, either to install, learn or write.

If you have lots of time you can always browse the user's history files but if they clear them you're left with nothing.

The history files only reflect what commands they have run, not when they logged in, how long they stayed logged in, and so on. In my opinion pacct is the best choice for what you need.

Kind regards,

Eric

unSpawn 06-09-2010 06:13 AM

Quote:

Originally Posted by turalo (Post 3997453)
what I want to do is to log all they do

/
Quote:

Originally Posted by EricTRA (Post 3997611)
In my opinion pacct is the best choice for what you need.

Over the years we've seen quite a few "I want to log everything" questions asked and 'pacct' does not cut it. If you can handle having your opinion changed please search the LQ forum for posts about 'rootsh' or see just a few results:
http://www.linuxquestions.org/questi...4/#post3950747
http://www.linuxquestions.org/questi...tivity-801565/
http://www.linuxquestions.org/questi...1/#post3690455
http://www.linuxquestions.org/questi...3/#post3637958
http://www.linuxquestions.org/questi...9/#post3604944
http://www.linuxquestions.org/questi...7/#post2980353
http://www.linuxquestions.org/questi...1/#post2894989
http://www.linuxquestions.org/questi...3/#post2631551

HTH

EricTRA 06-09-2010 06:26 AM

Quote:

Originally Posted by unSpawn (Post 3997650)

Hi unSpawn,

I'm always open for a change, even of my own opinion ;) I'll have a look at those threads, thanks for the info.

Kind regards,

Eric


All times are GMT -5. The time now is 10:11 PM.