How protect bash history file, do audit alike in server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



hello,

    I want to protect the history file from deleted for all users except 
user 'root' can do it, is that possible?
    For my server, many users can log in with root from remote through 
ssh, so I can not trace which guy do wrong things. So I decide to create 
new account for every users and let them use 'sudo' then I can trace 
which guy typed which command and what he did. However, even if I create 
new account for every user, they also can delete the history of them 
self easily.

    How should I do. I believe everyone encountered such things 
normally. I think there is a gracefully solution for it as I am not 
experience on server manage. So any suggestions for how to trace user 
like to write down which user did as an audit trail and let it can not 
deletable exclude root user?

  Thanks!

-- 
Best Regards,
Su Heng

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux