I have set a deny permission on a group for a folder in Fedora 17. I want to generate logs when a user from this group is tring to access this denied folder.
Is it possible?
greek_wizard
0
Newbie Poster
Recommended Answers
Jump to PostIndeed, there are times when auditing is appropriate, especially with systems that have enhanced security requirements. This is why there are the SELinux extensions (Security Enhanced Linux) and implements access control lists, and such. You might want to look into that.
All 3 Replies
rubberman
1,355
Nearly a Posting Virtuoso
Featured Poster
Personal opinion? Don't bother. It is not an infrequent event for people to try to access folders (directories) that they are not allowed to - often innocently. As long as it is blocked from them, then as the saying goes, "no harm, no foul".
greek_wizard
0
Newbie Poster
It was for academic exercise, so i had to bother.
I finally work it out with audit package.
In case anyone else needs it, here it is:
yum install audit
chkconfig auditd on
auditctl -w /directory_you_want_to_audit -p war -k just_a_filter_key
//find out who changed or accessed /directory_you_want_to_audit
ausearch -f /etc/passwd
Thank you anyway!!!
rubberman
1,355
Nearly a Posting Virtuoso
Featured Poster
Indeed, there are times when auditing is appropriate, especially with systems that have enhanced security requirements. This is why there are the SELinux extensions (Security Enhanced Linux) and implements access control lists, and such. You might want to look into that.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.