search for: lastcomm

...last` to see who was logged > in at the time and make a guess. > Also, you can look into shell history files (though that might be cleaned by users). Admin is allowed to do that when investigates incident. One more thing: if "access" constitutes execution of that file, you can use lastcomm (if process accounting is enabled on the system). This only tells you the command name (not its arguments....) - so if your file is command and you are interested who executed it and when lastcomm is your friend. Good luck! Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System...

...ogs and `last` to see who was logged in at the time and make a guess. Also, you can look into shell history files (though that might be cleaned by users). Admin is allowed to do that when investigates incident. One more thing: if "access" constitutes execution of that file, you can use lastcomm (if process accounting is enabled on the system). This only tells you the command name (not its arguments....) - so if your file is command and you are interested who executed it and when lastcomm is your friend. Thanks for these suggestions! But one thing that I should have mentioned is that it...

...> in at the time and make a guess. > > > > Also, you can look into shell history files (though that might be cleaned > by users). Admin is allowed to do that when investigates incident. > One more thing: if "access" constitutes execution of that file, you can > use lastcomm (if process accounting is enabled on the system). This only > tells you the command name (not its arguments....) - so if your file is > command and you are interested who executed it and when lastcomm is your > friend. > > > > Thanks for these suggestions! But one thing that I...

Hey guys, Is there any way to find out the last user to access a file on a CentOS 6.5 system? Thanks Tim -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

...9665 m.c -rw-r--r-- tugstugi unix /home/tugstugi/.ssh/known_hosts Dec 15 04 19:12:21 1002 m.c -rw------- tugstugi unix /home/tugstugi/.shrc ... Somehow he seems like copied /home/tugstugi/.ssh/known_hosts to home/tsgan/.tmp/known_hosts. I don't know why. Following is lastcomm output: ... sshd -F tugstugi __ 0.16 secs Tue Dec 14 23:01 sh - tugstugi #C:5:0x1 0.03 secs Tue Dec 14 23:02 su - tugstugi #C:5:0x1 0.02 secs Tue Dec 14 23:38 ... sshd -F tugstugi _...

Hi, One of my shared volumes crashed the other day on a RH-7.2, 2.4.9-31 system. These are the first errors in the log: kernel: EXT3-fs error (device ide0(3,9)): ext3_readdir: bad entry in directory #2424833: rec_len is smaller than minimal - offset=0, inode=2553887680, rec_len=0, name_len=0 kernel: EXT3-fs error (device ide0(3,9)): ext3_readdir: bad entry in directory #2424833: rec_len is

We just had a security application vendor come in. We asked about Linux support and he said that putting a security application on top of an insecure OS was useless. When I asked what he meant by insecure he replied that Linux does not have a true Auditing capability - as opposed to HP-UX & Solaris which they do support. Can anyone explain to me what he was talking about? Thanks, Marty