[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [hobbit] monitoring etc passwd

To: hobbit (at) hswn.dk
Subject: Re: [hobbit] monitoring etc passwd
From: Ralph Mitchell <ralphmitchell (at) gmail.com>
Date: Wed, 8 Jul 2009 11:20:31 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=j8PHmbTK3BOOEDXhNQxPrzFjOPW86FdqGNP6gc0SuqM=; b=TkWPzGLbWh2pj6sQJWirXQppPnEWOIdedgw8tJ1cKcYy5tCKpGbp0DfJ8gLCaN+2/2 WOL8VxDCELzqcGs2VmtUJ+LqUQZ6uZnXGXWY+HbTK4PZsXWoaYIWDZKBNfrzzOgcD5Lw 05MGSmZFwgMIRQSnwGz928iC8n/6G5S3rTbSU=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=ghfudoATouUebvxDd+OOI6RTK2zPR9j4v3W+DMrS2i24XULjXEERFKTfhiZQTVwWM2 YLw3reOn/i2tLG+0Whp6EJ//0fwhFyKNwp0amuWZljAgweqDJsiBvz9Ebtu6/FQJZruQ cUQjQDbU1kAPlya/T5jOaOJzheoOy2mylE5t0=
References: <20090707222449.X6AJK.539860.root (at) hrndva-web27-z01> <4A545290.3020100 (at) makelofine.org> <8dca7fe00907080334t779648c6q267dcadbda68f311 (at) mail.gmail.com>

Only if passwords are actually stored in /etc/passwd.  Linux systems have
been using /etc/shadow to store passwords, along with last change time and
some other things, leaving just the uid, gid, home directory and shell in
/etc/passwd.
Ralph Mitchell


On Wed, Jul 8, 2009 at 5:34 AM, Shaun Phillips <
tainted.soul69 (at) googlemail.com> wrote:

> If you do monthly root password changes this is going to send your entire
> estate red surely as the MD5 will change?
>
>
> On Wed, Jul 8, 2009 at 9:02 AM, dOCtoR MADneSs <doctor (at) makelofine.org>wrote:
>
>> rsmrcina (at) wi.rr.com a écrit :
>>
>> Gavin,
>>>
>>> Use the FILE client check to determine and possibly alert when a file
>>> (/etc/passwd) has been changed.
>>>
>>> ---- Gavin Leonard <gleonard (at) progrexion.com> wrote:
>>>
>>>> Hi All,
>>>>                I am having a problem where users and groups are being
>>>> created without the knowledge of the admin team and its making it difficult
>>>> to know who had access to what systems if they leave the company... is there
>>>> a way for hobbit to tell me when the /etc/passwd or /etc/group files change?
>>>> Thanks in Advance..
>>>>
>>>> -Gavin
>>>>
>>>>
>>>>
>>>>
>>>
>>> To unsubscribe from the hobbit list, send an e-mail to
>>> hobbit-unsubscribe (at) hswn.dk
>>>
>>>
>>> Hi,
>>
>> In client-local.cfg :
>> [your_host]
>> file:/etc/passwd
>> in hobbit-clients.cfg :
>> HOST=your_host
>> FILE /etc/passwd red MD5=9780JNLKNoiulknaée2
>>
>> Those settings should do exactly what you need
>>
>>
>> To unsubscribe from the hobbit list, send an e-mail to
>> hobbit-unsubscribe (at) hswn.dk
>>
>>
>>
>

Follow-Ups:
- RE: [hobbit] monitoring etc passwd
  - From: Gavin Leonard

References:
- Re: [hobbit] monitoring etc passwd
  - From: rsmrcina
- Re: [hobbit] monitoring etc passwd
  - From: dOCtoR MADneSs
- Re: [hobbit] monitoring etc passwd
  - From: Shaun Phillips

Prev by Date: Re: [hobbit] scalability of hobbit/xymon ?
Next by Date: RE: [hobbit] monitoring etc passwd
Previous by thread: Re: [hobbit] monitoring etc passwd
Next by thread: RE: [hobbit] monitoring etc passwd
Index(es):
- Date
- Thread