Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
In my production server im facing problem that frquently some one disabling vi /etc/hosts conf file. i had check out /var/log/messages i never got any symptom of that . i also check /var/log/xferlog that to i does int getting of any logs of modified details of hosts file.How can i place log for monitoring the last date of hosts file modified
In my production server im facing problem that frquently some one disabling vi /etc/hosts conf file. i had check out /var/log/messages i never got any symptom of that . i also check /var/log/xferlog that to i does int getting of any logs of modified details of hosts file.How can i place log for monitoring the last date of hosts file modified
I have never heard disabling hosts file
or do you mean someone without your knowledge makes changes in hosts file?
you can use this command to check modification of file
Hi,
we had enabled root priviledge for few user .i found one of the user keep on changing the hosts file making out the database to fall .we are connected our server by using localhost in mysql.so server instant automatically getting stopping off .how can i get log if any one change the conf file of hosts .it seems the hosts modified logs never falls on anywhere on the system.how can i enable to get alert any one modified the hosts conf file
As per the answer of your question I don't believe any log file even if any exists can tell you what changes has been made.
As you said your server stops due to changes in hosts file you can check the hosts file using the stat command and ask the user not to make any changes without the permission of admin.
and any how hosts is not a .conf file so I don't believe there can be any log file but you can always look out for positive replies from other members here.
Hi,
we had enabled root priviledge for few user .i found one of the user keep on changing the hosts file making out the database to fall .we are connected our server by using localhost in mysql.so server instant automatically getting stopping off .how can i get log if any one change the conf file of hosts .it seems the hosts modified logs never falls on anywhere on the system.how can i enable to get alert any one modified the hosts conf file
Hi,
One advice: limit root access to a strict minimum and setup sudo. Change file attributes on files you don't want to be changed.
If you set it up like that you could install syslog-ng and configure it to process your logs which can even send you mails. That'll save you a lot of trouble.
Hi,
we had enabled root priviledge for few user .i found one of the user keep on changing the hosts file making out the database to fall .we are connected our server by using localhost in mysql.so server instant automatically getting stopping off .how can i get log if any one change the conf file of hosts .it seems the hosts modified logs never falls on anywhere on the system.how can i enable to get alert any one modified the hosts conf file
You can write a script using inotify, but what you're asking is really pointless.
If the user has root access, they can easily go in and disable/edit ANY logging you put in place, rendering all your efforts ineffective. EricTRA gave the best advice: limit root access, and if you're having problems with a particular user, take away their rights, and don't give them back. You can also use sudo to limit the commands they can run to a certain few, giving them root access to just a few commands, but not able to run anything else, like "vi /etc/hosts", or the like.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.