Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] redhat user question



With redhat you can also use the last command to see when the last login 
was.

SG

On 8/6/2013 6:06 PM, Derek Martin wrote:
> On Tue, Aug 06, 2013 at 03:35:03PM -0400, Eric Chadbourne wrote:
>> I'm updating a couple of RedHat boxes for a client and see some most
>> likely legacy users.  My first thoughts are, who are these users, do
>> they still need access, and what do they have access to?
>
> You can ask the client...  If they don't know who the users are,
> disable the accounts and see who complains.
>
>> How do you check for users in such a situation?  I like to do:
>
> You can use tools like last, who, and w to see who's logged in
> recently or right now...  For example,
>
>    last $username
>
> will tell you about the recent logins of $username, assuming that the
> user actually logs in via something that updates the utmp/wtmp database,
> going as far back as the last time your wtmp was rotated.
>
>> cat /etc/passwd |grep "/home" |cut -d: -f1
>>
>> But I know this doesn't show everybody.  I've created users with no
>> home before.
>
> Or users who have a home, but it's not in /home.
>
>> Also how can I tell if a user has root permissions or
>> able to access other stuff such as /var/www?
>
> Heavy handed, but something like:
>
> find / -uid $USERS_UID -o -gid $USERS_GID
>
> You probably really would want something that considers perms on the
> file, as just because it has group ownership for the user's group
> doesn't mean it is group readable/writable... but I leave that as an
> exercise for you.
>
> This will also search pseudo file systems like /proc, which you may
> want to avoid (as it's basically useless but potentially
> time-consuming).
>
> Note also that the user has group associations BOTH in /etc/passwd AND
> in /etc/group.  You'd need to check them all.
>
> This is time-consuming work, if you want to be thorough...
>
>
>
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>

-- 
Steve Glines
voice: 978-800-1625 * fax: 978-522-3753
145 Foster Street, Littleton MA 01460







BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org