>> Thanks for your answer, I want to track the user access to a specific > >>filesystem, the platform for server is redhat 7.3 and clients redhat 8.0. >> >Hi David. > >I don't think there is a command or software out there that can do this right now. It'd >have to be something you write yourself. Do you want to track this file specific? >filesystem specific ? or user specific? Also, what would the platforms be for server and >for client? If client is on netware I think there is some sort of NFS cacheing that is > >done that you might be able to log or monitor. David, would you mind posting in plain text instead of HTML ? It makes it easier to read and respond to. Anyway, as I mentioned, there is no command or software that I know of that can do this. And since no one else had responded yet, I don't think anyone else knows of one. I can tell you how I'd do this if I were set with such a task. I would write a shell-wrapper (preferably in C so you can then compile it into a binary, but it's easier as a shell script) that would basically on every command do a "pwd" and "df" kind of thing to find out what filesytem the user is on. Once user is on the targeted filesystem, then start logging each command. Once user is out of file system, go back to the monitoring mode. I'd have the logging as a concatenated redirect to a logfile by the users name and date. That way, if user happens to be logged in on two different shell simultaneously, the logging in hte logfile will remain sequential. If writing to a log file on each command is too much, I would also consider batching hte logs. Meaning have the C or shell program store the commands (put a datestamp in front of each command like YYYYMMDDhhmmss) and hten maybe every 20th command you dump them all to a logfile. If you keep the datestamp in front of each commad, you can do a "sort" on the log later to put all the commands done on that filesystme in sequential order. And then upon exit from the filesystem or shell dump whatever else is in the batch. Hopefully that makes sense, but that's the way I'd do it (and the only way I could see doing it). Hopefully someone else has something more elegant that you could use. I'd be interested as well to find out if something like that exists. Ben Yau -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
