 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
I am running 64-bit Fedora 10 and 12 (and yes, I know they are both old versions, but I don't have the ability, at the moment, to upgrade them, so I need to work with what I have). These machines are part of a NIS network and do NOT have SELinux enabled. A few questions to help educate me: - If I run aureport -i -l -ts this-week -te this-week ? I sometimes get a resulting username of "unknown". ? /var/yp is up-to-date and /etc/passwd shows no unusual entries for the NIS server nor any of the clients. ? ?What might cause the 'unknown' entries? - In /etc/pam.d/system-auth what is the function of shadow, I think on one of the password lines - If I type history in bash, I get a listing of commands entered, but no corresponding date/time stamps. ? ?I did recently learn about the history timestamp bash variable, but if I export it, it will show me the history commands with a date/time stamp of _now_ (when I exported it). ? Is there _any_ way to see when the command was entered, or is it a lost cause? - As a followup to history, if chkconfig _whaterver_ on/off was typed (say chkconfig auditd on or off) ?where is the best place to see _when_ it might have been entered? ? ?I looked in /var/log/messages but it was not readily apparent. Thanks. Scott
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
