root logins & syslog
John F Haugh II
jfh at rpp386.cactus.org
Mon Dec 10 07:48:32 AEST 1990
In article <2356 at bnlux0.bnl.gov> como at max.bnl.gov (Andrew T. Como) writes:
>#1 Question: does this valid tty change also restrict "su - root"
> to that device.
No, the checks only apply to login time. There are ways to restrict
someone from su-ing to your account, but not on the basis of TTY name.
If you are really interested in restricting someone on the basis of
arbitrary criteria, please look into the "auth1" and "auth2" attributes.
It is possible to define special processing on a per-user basis using
those fields.
>#2 Question: I cannot get the syslog daemon to put the "su to root"
> entries anywhere. Does this work on aix?
AIX is more "System V"-like than "BSD"-like. The AT&T "su" doesn't
perform syslogging, and neither (so far as I've ever seen ...) does
AIX. Sad to say, but it also doesn't create records in /usr/adm/sulog ...
--
John F. Haugh II UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 832-8832 Domain: jfh at rpp386.cactus.org
More information about the Comp.unix.aix
mailing list