Hi
I need to set
$HISTFILE
for a user with no home directory. How to go about it because this user does not have a
.profile
file.
Hi,
What OS and what shell?
Does the user actually login - if so why don't they have a home directory?
Presumably the user will end up with "/" as a home directory?
Regards
Gull04
Its
HP-UX 11.31
, but I did find its home directory and the
.sh_history
file for that user, but I did not find any evidence that that particular user did some malicious thing. Is that mean that I have to enable auditing?
As asked by Gull04, why don't they have a home directory? Is that by accident or by design?
Hi,
Why do you think the user did something malicious, if you do - the account should immediately be disabled and probably change the "root" password at a minimum.
You should then be checking logs - for peace of mind at the very least.
Again, why doesn't the user have a home directory set.
Regards
Gull04
I'm sure if a user did malicious things, he would delete the history file or forge it easily.
History is not auditing.
Only why to track that is by employing auditing, which i never turned on on HPUX v3.
But i did find a document describing it with a lot of information.
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c02899022
Be careful playing with audit, do not just do it on production systems, use test systems first.
Audit configuration requires careful planning and implementation.
Hope that helps.
Regards
Peasant.