[CentOS] How protect bash history file, do audit alike in server

Wed Aug 8 19:07:51 UTC 2012
Heng Su <ste.suheng at gmail.com>

On 08/09/2012 02:46 AM, Les Mikesell wrote:
> On Wed, Aug 8, 2012 at 1:23 PM, Heng Su <ste.suheng at gmail.com> wrote:
>> Normal flow is get codes from SCMs repository or do CI server, however,
>> you know some small company got such thing messy (my current company,
>> lol ^_^). Sometime you have to update only one file of the project.
> Why does it need root permissions to update this file?   It doesn't
> cost anything to add a user to own your application's resources.
OK, assuming there is an jboss application server  running under user 
'jboss' in PRD server, and we have 4 developers want to update the jar 
file in that server.
they always login use same user 'jboss' to do updating file in server, 
how can I tell which guy doing what things cause the server down as they 
use same user account 'jboss'?

So I don't know how should I do as I am a shoddy server admin, so I use 
root to maintain the application server. then create 4 account in server 
for individual developer. So if they want copy, move or other operations 
on those deploy folder or files. Let them use sudo. Now I got all 
commands they did in /var/log/secure, ^_^


Best Regards,
Su Heng