user security

kaushalender

New Member
Credits
30
I am sorry if I am asking a very silly question but I am very new to security. Currently, I have a couple of requirement

1)Giving different level of access to a user on a Linux host like
L1 - Read-only who can only view the logs and configuration file
L2- With a restricted command like he can not delete any files
SME - Who can modify files Super user --- equal to root user
  1. if L1/L2 try to run an unauthorized command then one alert should be generated via email
3)If any configuration changes happen then one alert should be generated
How I can achieve these scenarios. Kindly help
Thanks in advance
Kaushal
 


f33dm3bits

Gold Member
Gold Supporter
Credits
15,143
Use sudo to grant users or groups access to specific commands and or files, you can trace what a user does by using auditd and setting up audit rules.
You can then setup that mail will be sent to the root account when a user has tried to access a file or directory or a command that they aren't allowed to run.
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Members online


Top