Question: How can auditd be configured to change the default permissions on /var/log/audit/audit.log from 0600 to 0640 and also change the group ownership of the file? By default it’s not possible to change permissions on the /var/log/audit/audit.log file using ACLs; instead, the “log_group” parameter can be set in the file /etc/audit/audit.conf. The Steps In this example, […]
Archives for February 2019
A File Is Claimed to Be Disappearing – How to monitor a file for deletion in Linux
Question: A file seems to be disappearing and no direct reason for its disappearance can be found. How can we monitor file access, especially the deletion of a particular file, on a CentOS/RHEL system? A file can be monitored through its lifecycle by using the Linux auditd service. The Steps 1. To install it on […]
How to Stop Audit Log Entries Written to System Logs in CentOS/RHEL 6
This post explains how to stop audit log entries from being written to system logs. 1. Check the file /etc/audisp/plugins.d/syslog.conf. By default, the file “/etc/audisp/plugins.d/syslog.conf” will have the below line. args = LOG_INFO This will allow syslog to log audit logs into /var/log/messages. In addition, auditd will log all the audit events to /var/log/audit/audit.log too and this […]
Nohup Command Examples – Runs a Command that Keeps Running after You Log Out
The nohup utility executes a command line such that the command keeps running after you log out. In other words, nohup causes a process to ignore a SIGHUP signal. Depending on how the local shell is configured, a process started without nohup and running in the background might be killed when you log out. Syntax […]
What’s different between /bin/false and /sbin/nologin as nologin user’s shell
At times, we may need a user account with a password for authentication with a system, but do not require an interactive shell with that username. This helps in preventing the user account from being used for logging in to the system with that password. In those scenarios, we can set the user’s shell to /sbin/nologin […]
What are the Types of DNS Servers
Types of DNS Servers DNS servers play a wide variety of roles—a single name server may be a master for some zones, a slave for others, and provide caching or forwarding services for still others. The role of the name server is controlled by its configuration file, which in the case of BIND is called […]
Linux OS Service ‘cups’
Description The Common UNIX Printing System (“CUPS”) is a cross-platform printing solution for all UNIX environments. It is based on the “Internet Printing Protocol” and provides complete printing services to most PostScript and raster printers. CUPS is a replacement for the LPD printing system. It replaces the lpr command with its own and the LPD […]