Linux - EnterpriseThis forum is for all items relating to using Linux in the Enterprise.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
<OffTopic>Using tools like disc-quota, ulimit, rssh and whatnot is hardly the same thing as looking into users' history files... What's next? Stealing their data from ~/.ssh/id_* files? Or are you guys doing that already?</OffTopic>
Nevem> I'll bet you're one of those people that, even though you didn't buy your work computer with your own money, you still feel it's yours to do with as you see fit. Am I right? How you can possibly associate monitoring with theft is beyond me. That said, this isn't the place to debate such things. If you like, PM me and we can discuss further.
Nevem -> When you go to work and use work assets, you're there to do a job for them. There's an underlying fallacy to your logic - assuming that anything you do on work assets is personal/private. Perhaps it's different where you work/live, but I can assure you, this is not the case in the States. You forfeit all privacy when logging into a work machine. Period.
Again, if you'd like to discuss this further, feel free to PM me. This is not the place for this sort of banter.
Mods -> feel free to remove irrelevant posts to this topic, including mine.
Ok, now THAT is just WRONG. Was an interesting read though and certainly raises some new questions. I'm sure there will be more of this kind of thing to push the envelope in the future.
We started with the hypothesys that an Oracle userid got compromised. Important data might have been stolen, deleted or changed.
Now someone admits they weren't careful enough; their history did contain the password. They are in trouble all right.
And who else might be in trouble? Yourself, because you created this history-checking system, so you was in the position of finding the password.
Note: history files are valueable sources of information for haxors, too; especially that of root users'
Still doesn't matter. As systems administrators, we're ultimately responsible for the machines - regardless of any scenario you can hypothesize. If for no other reason you were able to determine who was the culprit, any other point is moot. Users shouldn't be doing anything administrative without involving the system owner(s) anyway.
Another point to think about: You said you wanted to monitor user activity to check if they are using git 'right' or 'wrong'. What if they are clever enough to do their git-abusing-evilness programatically (shell script or otherwise). Even your best 'grep git' command won't find the evidence.
Frankly, that doesn't matter either. A decent systems administrator will be able to put things in place that would prevent their own demise, i.e. access control lists, tripwire, fanotify/inotify (as you pointed out), xymon, etc. For this particular case, the users would actually be doing themselves an injustice more than us because, eventually, their actions will lead to them not being able to get their own jobs done. There would be no advantage to their nefariousness as it would eventually get them fired.
While I do see the value in playing devil's advocate you have on the other hand taken this thread so far off topic across so many posts, all without constructively helping the OP achieve his goal and even in the face of his polite request to stop off topic conversation that I think you should, with all due respect, really reconsider if you should continue posting?..
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.