Linux Root User Security

200 pts.
Tags:
Linux
Linux administration
Overview:- In my environment, we have given sudo access to multiple user . Users having admin/Sudo right switching to root user & then executing there commands.
Concern: Most of users are switching to root user with below command. 
 
# Sudo su – 
 
 & 
 
Then become root user. Now once these users switch to root user, there all history command will redirect to one logs file .bash_history .
Hence individual logs tracking can’t maintain like /var/log/secure.
Is there any way available On linux Server from which I can track separate log file for each user who are switching to root user with “Sudo Su –“
1

Answer Wiki

Thanks. We'll let you know when a new response is added.

If all of these multiple users are logging onto root, which is just one account, then you cannot track each individual person login on unless they keep track by using a sign-in sheet of when they are using root. But I don’t see this working at all, because once you start working, you should be in the zone, and having to put your name and time on a piece of paper is not a priority.

Also, why so many have access to root? That is way too many cooks in the kitchen. You are an accident waiting to happen because no one is going to admit when something happens, especially if it will cost them their job.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Subhendu Sen
    You can activate by using log_input/ log_output options. Or you can install auditd which can also help you. However, why did you give sudo privilege to some users that is not revealed here. 
    136,700 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: