On Wed, 2014-05-28 at 21:39 -0500, Barry Brimer wrote: > I believe auditctl could help: > > https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sec-Defining_Audit_Rules_and_Controls.html > http://www.cyberciti.biz/tips/linux-audit-files-to-see-who-made-changes-to-a-file.html Thanks. Very useful. I learned something new today :-) -- Paul. England, EU. Our systems are exclusively Centos. No Micro$oft Windoze here.