Identify all users logged in to the system even with su command
My requirement is to know all users who are active in the system.
But generally I login to my machine as root and then do "su" to my user. "who" command will return all users logged in to the system, but not the user who is logged in with su command. Please help me here, the best way to identify all users logged in to the system, who is even logged in with an su command. Thanks in advance. |
'who' registers the logged in user; therefore, it will list your login as root. The 'su' command simply gives you the ability to pose as another user;therefore, you are not actually logged in to the computer as that user, and you will not show up in the 'who' or 'last' (wtemp) as that user.
Best Business Practices will stipulate that you are logging in incorrectly. You "SHOULD" log in as a regular user and 'su to root' only when needed. This helps mitigate incidents where unrecoverable (or at least PAINFUL) modifications are made by unintentionaly using root to access to the system or files. I'm not trying to tell you what to do, just stating the BBP's for security.... HTH |
To make it simple, I login with my username and su to a systemmaint user by entering password. How to find this active user?
|
this user is logged in remotely as root via su -
Code:
[schneidz@hyper ~]$ w |
All times are GMT -5. The time now is 10:26 PM. |