LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-13-2011, 11:32 AM   #1
linux833
Member
 
Registered: Jul 2011
Posts: 40

Rep: Reputation: Disabled
files access logging


Hi friends,

i need help to get my file access logging, we install applications
that depending on service user crated need to access to database files.
each user has it's permission.

we need to log this files access, which user access which file.
if user success or deny base on files permission.

i try to check on these files:
/var/log/apache2/access.log
/var/log/messages.

no luck

any help please.

linux833
 
Old 10-13-2011, 01:43 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Sorry, I think you'll need to be somewhat more descriptive. Do you
want to log user activity on a database level? Which RDBMS are you
using? If logged in users access files via apache there's no simple
Linux way to know which user accessed which flat file.

Using kernel auditing you may be able to track file accesses, and
by comparing that to whatever logging your web application offers
regarding user activities.



Cheers,
Tink
 
Old 10-13-2011, 05:02 PM   #3
linux833
Member
 
Registered: Jul 2011
Posts: 40

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Tinkster View Post
Sorry, I think you'll need to be somewhat more descriptive. Do you
want to log user activity on a database level? Which RDBMS are you
using? If logged in users access files via apache there's no simple
Linux way to know which user accessed which flat file.

Using kernel auditing you may be able to track file accesses, and
by comparing that to whatever logging your web application offers
regarding user activities.



Cheers,
Tink
Hi Tinkster,
thanks for you reply, what i need is that we create a service user that have permission to access specific folder
in ubuntu, if we set permission for that user as owner and can R/W to the folder, we are unable to get return
needed data, when we set the permission for other user to R/W then data can be retrived, so we need to track which user
is succuful access the file and which is getting deny in case of our service user we need to prove it get deny or not.

we verify the apache log and it's showing page has been accessed fine, but permission level on the disk we don't know.

i had a look at /etc/syslog.conf and found it's changed to rsyslog.conf, but still unable to configure such config to get
needed log.

your help is appreciated.

linux83
 
Old 10-13-2011, 08:12 PM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Sorry, I must be obtuse ... I still don't understand what you're trying to
do, or what exactly the problem is. How do users with write permissions to
directories correlate to the database in your initial post?


Cheers,
Tink
 
Old 10-13-2011, 10:46 PM   #5
Ansuer
LQ Newbie
 
Registered: Jun 2006
Location: NC
Distribution: Debian/Ubuntu/Gentoo
Posts: 22

Rep: Reputation: 19
Hopefully I'm getting this straight. If you set your service account as the "user" on the folder and give it +rw then it's -not- working. But if you give world or "other" +rw then it works?

Can you do an "ls -al" on the folder and post the result?
 
Old 10-14-2011, 05:59 AM   #6
linux833
Member
 
Registered: Jul 2011
Posts: 40

Original Poster
Rep: Reputation: Disabled
thanks freinds,
i think i have to check with application team about this, it might be a permission issue.

what i need is,in general, users access files and folders in the linux server (my case is ubuntu 10.04).

can i log user access to folders and files in log file like apache log, when user fire page it will log the user ip and some info.
can i log user access to file and found information about users that access to this file or if other user
try to access file and get deny action will be log, then i when i review the log i will know that x user is trying
to access the file and get deny, to fix this i have to grand him permission to get access.

hope this help clearing the issue to fix it.

linux83
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Logging unauthorized access mijohnst Linux - Security 4 07-19-2011 04:36 PM
Access log-files without logging in as root Bl4deRunner Linux - Security 2 04-10-2006 06:28 AM
logging file access otoomet Linux - Software 3 12-13-2005 11:30 AM
File Access Logging dman65 Linux - General 3 04-08-2005 02:12 PM
Logging Directory access vl7 Linux - Security 1 11-26-2003 02:17 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:21 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration