>>> On 12/19/2016 at 09:12 AM, Michael MacIsaac <mike99...@gmail.com> wrote:
> Hi,
>
> We cannot SSH as root in our organization which is good for preserving
> audit trail because all users must use their own credentials.
>
> I (but not all users) can then 'su to root', and my login user is preserved
> in the environment variable SUDO_USER.
>
> However, then as root I can 'su to another user' and the audit trail seems
> to be lost. Has anyone solved this issue?

Some time back Novell had a product called Privileged User Manager. I don't know if it's still around or not. But, something like that is going to be necessary to accomplish a really good audit trail.

One possibility to do exactly what you asked for, that you didn't mention was that instead of the root user using su, the scripting (or users) could have root use sudo instead.

Also, I don't know if you've tried it or not, but the su command has the "-m" and "-p" options to preserve the environment. In my (brief) testing, that seems to do what you want.

Mark Post

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/
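
Added example, not part of the original messages: a shell helper that recovers the originating login for an audit log line, preferring the kernel's audit loginuid and falling back to `SUDO_USER`, which is only an environment variable and is gone once the environment is reset. It assumes a Linux system where pam_loginuid populates `/proc/self/loginuid`; the helper names `origin_user` and `uid_to_name` are hypothetical.

```shell
#!/bin/sh
# Added example: resolve the user who originally logged in, for audit logging.
# Assumption: Linux with the audit loginuid exposed in /proc/self/loginuid
# (set once at login by pam_loginuid). Helper names are hypothetical.

UNSET_LOGINUID=4294967295   # (uid_t)-1: the kernel's "no login uid recorded"

# uid_to_name UID: print the account name, or "uid=N" if it cannot be resolved.
uid_to_name() {
    name=$(getent passwd "$1" 2>/dev/null | cut -d: -f1)
    [ -n "$name" ] || name=$(awk -F: -v u="$1" '$3 == u { print $1; exit }' \
        /etc/passwd 2>/dev/null || true)
    [ -n "$name" ] || name="uid=$1"
    printf '%s\n' "$name"
}

# origin_user [LOGINUID_FILE]: print "source:user", where source is one of
#   loginuid  - kernel audit value; inherited across su and sudo and not
#               changeable by an unprivileged process
#   sudo_user - $SUDO_USER; present only while the environment is carried
#               along, and overwritable by whoever controls the shell
#   unknown   - neither is available; the current user is reported instead
origin_user() {
    file=${1:-/proc/self/loginuid}
    uid=""
    [ -r "$file" ] && uid=$(tr -cd '0-9' < "$file" 2>/dev/null || true)
    if [ -n "$uid" ] && [ "$uid" != "$UNSET_LOGINUID" ]; then
        printf 'loginuid:%s\n' "$(uid_to_name "$uid")"
    elif [ -n "${SUDO_USER:-}" ]; then
        printf 'sudo_user:%s\n' "$SUDO_USER"
    else
        printf 'unknown:%s\n' "$(id -un 2>/dev/null)"
    fi
}

# Report the origin of the current session.
origin_user
```

Treat a `sudo_user` result as advisory when writing it to a log, since the value comes from the environment of the account being audited.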