On Wed, Nov 28, 2007 at 02:18:23PM +0100, daniele pendenza wrote: > 1- by default on our Debian system after a successful login through a > tty we are presented with the number of failures (unsuccesful logins) > that took place before using the same login name.For a non root user > this number is correct. > > But what about the root user ? That number is "correct" unless no one > tried to do "su logins" (login using the command su). > Do you think that su-logins must be considered as "general logins" and > then the super user must know how many unsuccessful "su-logins" took > place ? And what about the date and time of the last root login ? :-) > Well, as a solution one could forbid the "su-login" but sometimes that > command can be useful.
I have pam set up so that only members of group adm can do su. I also have my logchecker email me auth failures. Since root should never log in directly (except at single-user), root wouldn't normally see such login notices anyway. > > 2 - by default whenever I press CTRL-D to log out as a non root user the > screen is cleaned ... whenever I press CTRL-D to log out as a root user > the screen is not cleaned - and maybe a non root user can see what the > root did before ! Why did they choose this behavior ?? > So look in the user's .bash_logout and put the appropriate entry in root's .bash_logout. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]