Use remote logging to a second machine which only you have access to. http://www.linuxjournal.com/content/creating-centralized-syslog-server Harold 8/8/2012 12:56 PM, Heng Su wrote: > hello, > > I want to protect the history file from deleted for all users except > user 'root' can do it, is that possible? > For my server, many users can log in with root from remote through > ssh, so I can not trace which guy do wrong things. So I decide to create > new account for every users and let them use 'sudo' then I can trace > which guy typed which command and what he did. However, even if I create > new account for every user, they also can delete the history of them > self easily. > > How should I do. I believe everyone encountered such things > normally. I think there is a gracefully solution for it as I am not > experience on server manage. So any suggestions for how to trace user > like to write down which user did as an audit trail and let it can not > deletable exclude root user? > > Thanks! >