user security

K

kaushalender

New Member
Joined
Mar 24, 2021
Messages
2
Reaction score
0
Credits
30
I am sorry if I am asking a very silly question but I am very new to security. Currently, I have a couple of requirement

1)Giving different level of access to a user on a Linux host like
L1 - Read-only who can only view the logs and configuration file
L2- With a restricted command like he can not delete any files
SME - Who can modify files Super user --- equal to root user
  1. if L1/L2 try to run an unauthorized command then one alert should be generated via email
3)If any configuration changes happen then one alert should be generated
How I can achieve these scenarios. Kindly help
Thanks in advance
Kaushal
 


f33dm3bits

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
5,933
Reaction score
4,416
Credits
43,594
Use sudo to grant users or groups access to specific commands and or files, you can trace what a user does by using auditd and setting up audit rules.

Sudo - ArchWiki

wiki.archlinux.org wiki.archlinux.org

Audit framework - ArchWiki

wiki.archlinux.org wiki.archlinux.org
You can then setup that mail will be sent to the root account when a user has tried to access a file or directory or a command that they aren't allowed to run.
 
You must log in or register to reply here.
MALIBAL Linux Laptops

Linux Laptops Custom Built for You
MALIBAL is an innovative computer manufacturer that produces high-performance, custom laptops for Linux.

For more info, visit: https://www.malibal.com

Staff online

Members online

Total: 398 (members: 4, guests: 394)

Latest posts

Top