Date: Mon, 30 Jul 2007 12:13:34 +0100 From: Tom Evans <tevans.uk@googlemail.com> To: Ian Lord <mailing-lists@msdi.ca> Cc: freebsd-questions@freebsd.org Subject: Re: Root access loggin Message-ID: <1185794014.1444.7.camel@localhost> In-Reply-To: <050b01c7ce16$960a0570$6400a8c0@msdi.local> References: <050b01c7ce16$960a0570$6400a8c0@msdi.local>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-42E5JTuc+Sao1qckpi9r Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Tue, 2007-07-24 at 13:18 -0400, Ian Lord wrote: > Hi, >=20 > =20 >=20 > A Zend technician asked me to have a root access on one of my box to > troubleshoot something wrong in Zend Platform installation that doesn't w= ork > on Freebsd. >=20 > =20 >=20 > He will need root access naturally to install and debug remotely. >=20 > =20 >=20 > Is there a way to log all the commands he will type and send them in a > logfile ? >=20 > =20 >=20 > Or is there a better solution than granting him root access from ssh ? >=20 > =20 >=20 > Thanks >=20 > =20 sudosh (sudo shell) is an idea here. It gives them a root shell they can do anything in, but everything is logged. It can even play back the logs at any speed up you like (I like to watch.) This seems great in principle, but of course, you just gave them a root shell, and so they can delete their log file easily enough... --=-42E5JTuc+Sao1qckpi9r Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQBGrcfblcRvFfyds/cRAm45AKCx2IeuGyFgZQWcg7kBP8mx/PFrQACgiJe4 1KBWKg9z+kzlHbId56/vF4k= =q/D9 -----END PGP SIGNATURE----- --=-42E5JTuc+Sao1qckpi9r--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1185794014.1444.7.camel>