log access file program
hi.
i want to make a program to write the result of access to a file ,i mean for example a user wants to (open,delete,edit)a file but if he has no access to this file ,something write to a log file. so after that i can check which user got access denied by accessing to which file. can anybody help me? or if any tools available that can do this? or if there is any built in log access file that record the permission denied to files? any help/hint would be appreciated.. thanks in advance. i use opensuse11.2 |
You may find the auditd package helpful; you can use auditctl to set up watch rules (see the examples towards the end of the man page).
|
Quote:
it has really good example ,i can successfully set the rule but when i use ausearch -f /etc/passwd i got <no match> i tried several rules but no can have result.. can you help me?? |
i got the answer ,you should start the audit daemon by using auditd -n command.cool isn't it!!
but i want to put watch on every file that a particular user access??? |
it can also be started by using auditctl -e 1 and ended by auditctl -e 0
|
All times are GMT -5. The time now is 12:26 AM. |