Shashikant shah

Tuesday, 23 July 2013

Install Sudosh in CentOS-6.2


                                       SUDOSH CONFIGURATION

Question:-
I am managing a team of Linux System Administrators, which manages a large number of servers remotely. These admins require root-level privileges on the servers. How can I keep track of each user's activity for audit purposes and keep a record of each command that is executed on a server? Recommend an open source application on Linux.

What is Sudosh?
sudosh is a shell wrapper that logs all keystrokes of a terminal, together with the output, and saves them into a file whose name is randomly generated for each user. rootsh also supports logging to syslog, but that is a bad idea because a syslog file can easily be removed by a root user.
We will create a separate folder for the logs, apply group-level privileges to it, and set the append attribute so that group members can only write/read in this folder, which keeps our files secure.

Install the required packages :-
1. yum install gcc*
2. yum install perl*
3. yum install pam-devel*
4. rpm -qa | egrep -i 'gcc|make|pam-devel'

MAKEDEV-3.23-1.2
gcc44-gfortran-4.4.0-6.el5
make-3.81-3.el5
gcc-gfortran-4.1.2-46.el5
gcc-4.1.2-46.el5
gcc-c++-4.1.2-46.el5
gcc-java-4.1.2-46.el5
libgcc-4.1.2-46.el5
compat-libgcc-296-2.96-138
gcc-objc-4.1.2-46.el5
gcc-gnat-4.1.2-46.el5
pam-devel-0.99.6.2-6.el5
gcc-objc++-4.1.2-46.el5
gcc44-4.4.0-6.el5
gcc44-c++-4.4.0-6.el

5. Install the sudosh shell :-

Install sudosh-1.8.2.tar.gz
/usr/local/bin/sudosh {the shell is installed at this location}

OR

Install sudosh-1.8.2-2.el5.rf.i386.rpm
/usr/bin/sudosh {the shell is installed at this location}

6. Create a user (here shashi) with sudosh as the login shell :-

# useradd -s /usr/local/bin/sudosh shashi

OR

# vim /etc/default/useradd

SHELL=/usr/bin/sudosh

# useradd shashi
# passwd shashi

7.Check user shell :-

# grep shashi /etc/passwd

shashi:x:500:500::/home/shashi:/usr/local/bin/sudosh

8. Add the shell paths to /etc/shells :-

# vim /etc/shells
/usr/bin/sudosh
/usr/local/bin/sudosh

9.Create a log directory :-

# sudosh -i
# mkdir /var/log/sudosh
# chmod 0733 /var/log/sudosh
# chattr +a /var/log/sudosh

11. Add the following lines to the sudoers configuration file :-

User_Alias ADMINS = shashi, jk

#SUDOSH shell
Cmnd_Alias SUDOSH = /usr/local/bin/sudosh

ADMINS ALL=SUDOSH

12.Run a command :-
# sudo sudosh

13.Check sudosh shell :-
# sudosh-replay
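
The script below is an added example, not part of the original post or of the sudosh project. It checks that the setup steps above took effect: the user's login shell is sudosh, that shell is listed in the shells file, and the log directory has mode 0733 and the append-only attribute. The function names are hypothetical, and lsattr is assumed to be available for the attribute check.

```shell
#!/bin/sh
# Added example: audit the sudosh setup described in the steps above.
# passwd/shells paths are parameters so the checks can run against copies.

# Both install locations mentioned in the steps above.
SUDOSH_PATHS="/usr/local/bin/sudosh /usr/bin/sudosh"

# Print the login shell recorded for user $2 in passwd file $1.
login_shell() {
    awk -F: -v u="$2" '$1 == u { print $7 }' "$1"
}

# Succeed if user $3 has a sudosh login shell in passwd file $1
# and that shell is also listed in shells file $2.
user_uses_sudosh() {
    sh_path=$(login_shell "$1" "$3")
    [ -n "$sh_path" ] || return 1
    case " $SUDOSH_PATHS " in
        *" $sh_path "*) ;;
        *) return 1 ;;
    esac
    grep -qxF "$sh_path" "$2"
}

# Succeed if directory $1 has exactly mode 0733 (chmod 0733).
logdir_mode_ok() {
    [ -n "$(find "$1" -maxdepth 0 -type d -perm 0733 2>/dev/null)" ]
}

# Succeed if directory $1 carries the append-only attribute (chattr +a).
logdir_append_only() {
    lsattr -d "$1" 2>/dev/null | awk '{ print $1 }' | grep -q a
}

# Run all checks for user $1 against the live system, one line per check.
audit() {
    user_uses_sudosh /etc/passwd /etc/shells "$1" \
        && echo "login shell: ok" || echo "login shell: FAIL"
    logdir_mode_ok /var/log/sudosh \
        && echo "log dir mode: ok" || echo "log dir mode: FAIL"
    logdir_append_only /var/log/sudosh \
        && echo "append-only: ok" || echo "append-only: FAIL"
}

# Usage: sh audit-sudosh.sh shashi
if [ $# -gt 0 ]; then audit "$1"; fi
```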

Wednesday, 17 July 2013

SAMBA Server configuration




Question :- All users can access the shared directory and add data, but users cannot delete data.

Server Side :-
                  Hostname :- shashi.example.com
                  IPadd :- 192.168.0.16/24

1. Install samba package :-
yum install samba* system-config-samba

2. Add the client hostname and IP in the resolv.conf file :-

3.Create a sharing directory :-
mkdir  /home/data

4. Create a user :-
useradd test

5. Give permissions :-
chmod 777 /home/data
chown test:test /home/data

6. Add these lines to the Samba configuration file :-
vim /etc/samba/smb.conf

 [data]
                comment = samba server
                path = /home/data
                writeable = yes
                valid users = test
                create mask = 555
                directory mask = 555

7. Add the user to Samba :-
smbpasswd   -a  test

8.Now start service :-
/etc/init.d/smb  start
/etc/init.d/smb  restart
chkconfig  smb on

9. Now access the smb server from the client side :-
smb://192.168.0.16

10. Log files :-
/var/log/samba/