user security

kaushalender · Mar 24, 2021

I am sorry if I am asking a very silly question but I am very new to security. Currently, I have a couple of requirement

1)Giving different level of access to a user on a Linux host like
L1 - Read-only who can only view the logs and configuration file
L2- With a restricted command like he can not delete any files
SME - Who can modify files Super user --- equal to root user

if L1/L2 try to run an unauthorized command then one alert should be generated via email

3)If any configuration changes happen then one alert should be generated
How I can achieve these scenarios. Kindly help
Thanks in advance
Kaushal

f33dm3bits · Mar 24, 2021

Use sudo to grant users or groups access to specific commands and or files, you can trace what a user does by using auditd and setting up audit rules.

Sudo - ArchWiki

wiki.archlinux.org

Audit framework - ArchWiki

wiki.archlinux.org

You can then setup that mail will be sent to the root account when a user has tried to access a file or directory or a command that they aren't allowed to run.

user security

kaushalender

New Member

f33dm3bits

Gold Member

Sudo - ArchWiki

Audit framework - ArchWiki

Members online

Latest posts