LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   log file (https://www.linuxquestions.org/questions/linux-security-4/log-file-643487/)

hariiyer 05-20-2008 07:26 AM
log file
 
Dear all,

Where the user activity logs are stored in linux. suppose when root user has changed permission, installation etcc. where do we find out these type of activities.

I am using RHEL-4 and oracle .

unSpawn 05-20-2008 07:42 AM
Quote:
Originally Posted by hariiyer (Post 3159028)
Where the user activity logs are stored in linux.
Please do an 'apropos' on your system for last, lastlog, lastb, wtmp, utmp, PAM, audit.


Quote:
Originally Posted by hariiyer (Post 3159028)
suppose when root user has changed permission, installation etcc. where do we find out these type of activities.
Installation by way of 'yum': /var/log/yum.log, /var/log/messages, by 'rpm' directly: nowhere, perm changes: nowhere unless passive (Aide) or active (Samhain, Auditd) audit mechanism was installed and their rules so configured. For statistics of logged user activity see 'ac', generic logging of user activity (commands) see 'rootsh'. Verify installation (hashes, perms, etc, etc) using package manager: 'rpm -qVva'.


All times are GMT -5. The time now is 02:14 PM.