Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 02-12-2008, 07:29 PM   #1
Registered: Jan 2005
Location: California
Distribution: Slackware 14.2
Posts: 39

Rep: Reputation: 0
Login logging?


Definitely a newbie question here. I'm running Slackware 12 on a couple of machines, to be used by a group of people. I'm the default sys admin. I'd like to maintain a log of logins, that can't be deleted, even if someone has obtained the super user login info. Is this possible?


Old 02-12-2008, 09:21 PM   #2
LQ Guru
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,852

Rep: Reputation: 357Reputation: 357Reputation: 357Reputation: 357
You mean a file that is impossible to delete under any circumstances? As far as I know, that can't be done under a Unix environment (sounds like a Windows "feature").

You could push the file to a remote server/device though, or somehow hide and or encrypt it.
Old 02-12-2008, 09:26 PM   #3
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,125

Rep: Reputation: 165Reputation: 165
The lastlog command should do what you need. However, once root is logged in they can do whatever they want. Perhaps you could have a cron job run the transfers /var/log/lastlog to a remote location every few minutes. The problem there is that whoever gets root access could view that cron job and find the remote log as well.
Old 02-13-2008, 04:01 AM   #4
Registered: Feb 2005
Distribution: OpenSuse 10.1 / Centos 4.4
Posts: 60

Rep: Reputation: 15
also use PKI only authentication when possible to minimize your risk.
Old 02-13-2008, 08:00 PM   #5
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,411

Rep: Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397
If they get in as root, your options are limited.
You can scp or ftp to a remote system, but it (the remote sys) will have to prevent that same cxn deleting files.
The old fashioned bullet-proof way is a cheap (remote) printer or other write-only device eg burn to a WORM CD/DVD drive (again remote to prevent physical theft).
Of course, email (to a remote sys) is an option...


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Configuring Login Logging matsko Linux - Security 5 03-26-2006 02:21 PM
Bad login logging luigi95 Linux - Security 2 07-07-2005 03:54 AM
Logging failed CDE login ]un]ie Solaris / OpenSolaris 5 12-19-2004 08:18 AM
login reprompts me instead of logging in spectrumver1 Linux - Newbie 1 06-01-2004 05:29 AM
Logging in and getting login prompt again dkaplowitz Red Hat 5 11-21-2003 04:43 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:07 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration