sulog(4) sulog(4)
sulog - log of all su attempts
The su command attempts to write an entry to the file specified by SULOG
in /etc/default/su (/var/adm/sulog by default) each time it is invoked,
regardless of outcome. If sulog doesn't exist, su attempts to create it,
setting owner and group to that of the directory in which the file
resides (root.sys if /var/adm), and mode to read/write for owner only.
(Because su executes with root privileges, this operation should succeed;
if it does fail, however, subsequent invocations of su will be recorded
only by other logging mechanisms selected in /etc/default/su, if any; see
su(1M)).
sulog is an ASCII file, and each of its entries (or records) contains 6
fields of information about a particular su invocation, using a single
space character as delimiter. Field 1 is always "SU". Field 2 contains
the date in "mm/dd" format, with "mm" ranging from "01" to "12", "dd"
from "01" to "31". Field 3 is the 24-hour time in "hh:mm" format, with
"hh" ranging from "01" to "23", "mm" from "00" to "59". Field 4
indicates the outcome of the su: '+' means it succeeded, '-' means it was
disallowed. Field 5 is the tty on which the su executed (as determined by
ttyname(3C)), or "???" if the process had no controlling terminal. Field
6 identifies the usernames involved, and has the format
"olduser-newuser", where "olduser" is the invoking username, "newuser"
the requested new username.
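A parser for the record layout described above, shown as an added example (it is not part of the original manual page or of su itself), which also counts disallowed attempts per user pair for review. It assumes field 6 joins the two names with a hyphen and that the requested username contains none; the sample records and the threshold of 3 are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample records in the six-field, space-delimited layout.
SAMPLE = """\
SU 03/14 09:12 + ttyq1 alice-root
SU 03/14 09:15 - ttyq2 bob-root
SU 03/14 09:15 - ttyq2 bob-root
SU 03/14 09:16 - ttyq2 bob-root
SU 03/14 23:59 + ??? cron-backup
garbage line that is not a record
"""

# Field 1 "SU", mm/dd, hh:mm (hour 00 is also accepted), outcome, tty, users.
RECORD = re.compile(
    r"^SU (?P<date>(?:0[1-9]|1[0-2])/(?:0[1-9]|[12]\d|3[01])) "
    r"(?P<time>(?:[01]\d|2[0-3]):[0-5]\d) "
    r"(?P<outcome>[+-]) (?P<tty>\S+) (?P<users>\S+)$"
)

def parse_line(line):
    """Return a dict for a well-formed sulog record, or None if malformed."""
    m = RECORD.match(line.rstrip("\n"))
    if not m:
        return None
    # Assumption: split on the last hyphen (requested username has none).
    old, sep, new = m["users"].rpartition("-")
    if not sep or not old or not new:
        return None
    return {
        "date": m["date"], "time": m["time"], "ok": m["outcome"] == "+",
        "tty": None if m["tty"] == "???" else m["tty"],  # no controlling tty
        "olduser": old, "newuser": new,
    }

def failed_attempts(text, threshold=3):
    """Return ({(olduser, newuser): count >= threshold}, malformed_lines)."""
    fails, malformed = Counter(), 0
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            malformed += 1  # unexpected content in the log is worth a look
        elif not rec["ok"]:
            fails[(rec["olduser"], rec["newuser"])] += 1
    flagged = {pair: n for pair, n in fails.items() if n >= threshold}
    return flagged, malformed

if __name__ == "__main__":
    print(failed_attempts(SAMPLE))
```

Because records carry no year, rotate or timestamp the file externally before correlating entries across long periods.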
/var/adm/sulog log file
/etc/default/su defaults file
su(1M), ttyname(3C)