On June 1, 2004 11:28 am, Ted Beaton wrote: > I have an application running on a Redhat 9 machine that requires being run > by a certain user. I also have security requirements that necessitate > logging the actions of all users logged into the system so I can't have two > different people log in with the same user name. Then I won't know who is > doing what on the system. What I would like to do is have a separate user > account for each person and then require them to su to the common user > account that needs to run the application. Then I can track the individual > logins and know who su'd to the common account and when they did it. Does > anyone know how to disable logins to the common user account while still > allowing the account to be functional for when people need to su to it? > > Thanks in advance, > > Ted Have a look at sudo (man sudo). There are some security issues with sudo, but the nice thing is each user only knows their own password and they can only execute specificlly listed commands which can be very granular. (the security aspect is with things like less, more, vi that allow the user to shell out. vi can be replaced with rvim, but I don't know about a replacement for less or more) As far as restricting access to an account (usermod -l), you can try locking the account, but I'm not sure how sudo will react. -- Pete Nesbitt, rhce -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
