ankush grover wrote: > hey friends, > > We are running 2 Centos servers 4.0 and 4.4 in our office for various > activies like Mailing, Web Services, Database, CVS, FTP,Samba, Squid > etc. We have about 100+ users on those servers , many users don't have > shell on these servers (/sbin/nologin set as default shell) and some > has shell (/bin/bash). We want to monitor the user activities of those > users who have shell means what they all do on the server. One of the > servers contains important data in the database and we don't want > authorized users as they have access to this data and can copy this > data to somewhere else like to their local systems. > > We want to track/monitor the activities of the users. Is there any > free open source software available which can show daily /weekly/ > monthly repots of the users activities. > > > Please let me know if you need any further inputs. > > > Regards > > > Ankush Grover > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos I think you may be looking for something like sudo. from: http://www.gratisoft.us/sudo/intro.html The ability to restrict what commands a user may run on a per-host basis. Sudo does copious logging of each command, providing a clear audit trail of who did what. When used in tandem with syslogd, the system log daemon, /sudo/ can log all commands to a central host (as well as on the local host). At CU, all admins use /sudo/ in lieu of a root shell to take advantage of this logging. Sudo uses timestamp files to implement a "ticketing" system. When a user invokes /sudo/ and enters their password, they are granted a ticket for 5 minutes (this timeout is configurable at compile-time). Each subsequent /sudo/ command updates the ticket for another 5 minutes. This avoids the problem of leaving a root shell where others can physically get to your keyboard. There is also an easy way for a user to remove their ticket file, useful for placing in a .logout file. may even be installed on you system already. rpm -qa | grep sudo or yum search sudo