I have set a deny permission on a group for a folder in Fedora 17. I want to generate logs when a user from this group is tring to access this denied folder.

Is it possible?

Recommended Answers

All 3 Replies

Personal opinion? Don't bother. It is not an infrequent event for people to try to access folders (directories) that they are not allowed to - often innocently. As long as it is blocked from them, then as the saying goes, "no harm, no foul".

It was for academic exercise, so i had to bother.
I finally work it out with audit package.
In case anyone else needs it, here it is:

yum install audit
chkconfig auditd on
auditctl -w /directory_you_want_to_audit -p war -k just_a_filter_key

//find out who changed or accessed /directory_you_want_to_audit

ausearch -f /etc/passwd

Thank you anyway!!!

Indeed, there are times when auditing is appropriate, especially with systems that have enhanced security requirements. This is why there are the SELinux extensions (Security Enhanced Linux) and implements access control lists, and such. You might want to look into that.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.