Manualshelf

Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP HP-UX Auditing System Extensions
51525354555657585960
# smh -r
When users with restricted access execute SMH, they will have superuser status in the
defined areas and will only see those SMH areas in the menu. All other areas of SMH
will be hidden from the user. When users without access permissions execute SMH, they
will receive an error message stating they must be superuser.
You can also add more applications to SMH and set them up for restricted access.
2.11.3 Reviewing Superuser Access
The /var/adm/sulog file logs all attempts of the su root command including failures.
Successful attempts are flagged with a plus (+) and failures are flagged with a minus (-).
Only root can view the /var/adm/sulog file. For example:
# su root
Password:
# ll /var/adm/sulog
-rw------- 1 root root 690 Aug 17 19:37 /var/adm/sulog
In the following example, userone has successfully used the su command to access
root. A second user, usertwo, has not been successful. In addition, usertwo has not
been successful in using su to access gooduser1 either.
# more /var/adm/sulog
SU 08/17 19:10 + 0 userone-root
SU 08/17 19:36 - 0 usertwo-root
SU 08/17 19:36 - 0 usertwo-root
SU 08/17 19:36 + 0 userone-root
SU 08/17 19:37 - 0 usertwo-gooduser1
2.11 Protecting the root Account 59