hi
my need is my securey admin is audit users activity on the server he asked /var/log/audit.log,secure. and user .bash_history
files in .tar.gz.gpg formate with password i wrote the script below like this
vi /root/gpgpass
passworkd
vi /scripts/log_dsa1.sh
#!/bin/bash
mkdir /var/log/user_audit_`date +%F`
cp /var/log/secure /var/log/user_audit_`date +%F`/secure_`date +%F`
cp /var/log/audit/audit.log /var/log/user_audit_`date +%F`/audit_`date +%F`.log
cat /home/user1/.bash_history >> /var/log/user_audit_`date +%F`/user1_`date +%F`
cat /home/user2/.bash_history >> /var/log/user_audit_`date +%F`/user2_`date +%F`
cat /home/user3/.bash_history >> /var/log/user_audit_`date +%F`/user3_`date +%F`
tar -cvzf log_dsa1_`date +%F`.tar.gz /var/log/user_audit_`date +%F`
gpg --passphrase-file /root/gpgpass -c log_dsa2_`date +%F`.tar.gz
rm -rf log_dsa1_`date +%F`.tar.gz
rm -rf /var/log/user_audit_`date +%F`
this script i ran manually on the server its working fine
i assigned the crone job for root user
crontab -e
15 6 * * * /scripts/log_dsa1.sh
corntab -l
15 6 * * * /scripts/log_dsa1.sh
tail -f /var/log/cron
Apr 19 6:15:01 server crond[14188]: (root) CMD (/root/log_dsa1.sh)
but i dint get the .tar.gz.gpg file in /log_backup/
if i remove the (gpg --passphrase-file /root/gpgpass -c user_audit_`date +%f`.tar.gz) in the scrpt file it's working fine but i need gpgp encriptin pls guide me how to encript the user_audit`date +%F`.tar.gz file with password on my cron job
thanks in addvance........
Last edited by ramesh14; 04-19-2011 at 06:42 AM.
|