How to set up a CentOS system to restrict user modifications to system logs-Linux Operation and Maintenance-php.cn

Home

Operation and Maintenance

Linux Operation and Maintenance

How to set up a CentOS system to restrict user modifications to system logs

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jul 05, 2023 pm 03:43 PM

centoslimitSystem log

How to set up the CentOS system to restrict users from modifying the system log

In the CentOS system, the system log is a very important information source. It records the system's operating status, error messages, warnings, etc. In order to protect the stability and security of the system, we should restrict users from modifying system logs. This article will introduce how to set up the CentOS system to restrict the modification permissions of the system log.

1. Create user groups and users
First, we need to create a user group specifically responsible for managing system logs, and an ordinary user for managing logs. Assume that the group name we created is logadmin and the user is loguser. It can be created through the following command:

sudo groupadd logadmin
sudo useradd -g logadmin loguser

2. Modify the permissions of the log file
Next, we need to modify the permissions of the system log file so that Only users in the logadmin group can modify it, and other users can only read it. Usually, the log files of the CentOS system are located in the /var/log directory. Taking the system log file /var/log/messages as an example, we can execute the following command to modify the permissions:

sudo chown root:logadmin /var/log/messages
sudo chmod 640 /var/log/messages

The above command will change the permissions of the log file. The owner is set to the root user, the group to which it belongs is set to the logadmin group, and the permissions are set to 640. In this way, only the root user and users belonging to the logadmin group can modify the log file, and other users can only read it.

3. Configure sudo permissions
In order to ensure that only users in the logadmin group have permission to modify log files, we also need to configure sudo permissions to restrict only users in the logadmin group from using specific commands. Suppose we want to restrict the loguser user to only use the logrotate command, we can perform the following steps:

Use the visudo command to edit the sudoers file:
```
sudo visudo
```
Add the following content to the file:
```
%logadmin ALL=(ALL) NOPASSWD: /usr/sbin/logrotate
```
This way, only users belonging to the logadmin group can use the logrotate command and no password is required.

4. Test settings
After completing the above settings, we can test whether the user's permission to modify the system log has been successfully restricted.

Switch to the loguser user:
```
sudo su - loguser
```
Try to modify the log file:
```
echo "test" >> /var/log/messages
```
Since the loguser user does not belong to the logadmin group, Therefore, the log file cannot be modified, and a message indicating insufficient permissions will be displayed.
Use the logadmin user to try to modify the log file:
```
echo "test" >> /var/log/messages
```
Since the logadmin user belongs to the logadmin group, it has the permission to modify the log file.

Through the above settings, we have successfully restricted the user's permission to modify the system log and protected the stability and security of the system.

Summary
This article introduces how to set up the CentOS system to restrict users' permission to modify system logs. By creating user groups and users, modifying permissions on log files, and configuring sudo permissions, we can achieve that only specific users can modify system logs and enhance system security and stability.

Note: The group names, users and log files used in the examples in this article are for reference only and should be adjusted according to the actual situation in actual use.

The above is the detailed content of How to set up a CentOS system to restrict user modifications to system logs. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Understanding Linux's Maintenance Mode: The EssentialsApr 14, 2025 am 12:04 AM

Linux maintenance mode is entered by adding init=/bin/bash or single parameters at startup. 1. Enter maintenance mode: Edit the GRUB menu and add startup parameters. 2. Remount the file system to read and write mode: mount-oremount,rw/. 3. Repair the file system: Use the fsck command, such as fsck/dev/sda1. 4. Back up the data and operate with caution to avoid data loss.

How Debian improves Hadoop data processing speedApr 13, 2025 am 11:54 AM

This article discusses how to improve Hadoop data processing efficiency on Debian systems. Optimization strategies cover hardware upgrades, operating system parameter adjustments, Hadoop configuration modifications, and the use of efficient algorithms and tools. 1. Hardware resource strengthening ensures that all nodes have consistent hardware configurations, especially paying attention to CPU, memory and network equipment performance. Choosing high-performance hardware components is essential to improve overall processing speed. 2. Operating system tunes file descriptors and network connections: Modify the /etc/security/limits.conf file to increase the upper limit of file descriptors and network connections allowed to be opened at the same time by the system. JVM parameter adjustment: Adjust in hadoop-env.sh file

How to learn Debian syslogApr 13, 2025 am 11:51 AM

This guide will guide you to learn how to use Syslog in Debian systems. Syslog is a key service in Linux systems for logging system and application log messages. It helps administrators monitor and analyze system activity to quickly identify and resolve problems. 1. Basic knowledge of Syslog The core functions of Syslog include: centrally collecting and managing log messages; supporting multiple log output formats and target locations (such as files or networks); providing real-time log viewing and filtering functions. 2. Install and configure Syslog (using Rsyslog) The Debian system uses Rsyslog by default. You can install it with the following command: sudoaptupdatesud

How to choose Hadoop version in DebianApr 13, 2025 am 11:48 AM

When choosing a Hadoop version suitable for Debian system, the following key factors need to be considered: 1. Stability and long-term support: For users who pursue stability and security, it is recommended to choose a Debian stable version, such as Debian11 (Bullseye). This version has been fully tested and has a support cycle of up to five years, which can ensure the stable operation of the system. 2. Package update speed: If you need to use the latest Hadoop features and features, you can consider Debian's unstable version (Sid). However, it should be noted that unstable versions may have compatibility issues and stability risks. 3. Community support and resources: Debian has huge community support, which can provide rich documentation and

TigerVNC share file method on DebianApr 13, 2025 am 11:45 AM

This article describes how to use TigerVNC to share files on Debian systems. You need to install the TigerVNC server first and then configure it. 1. Install the TigerVNC server and open the terminal. Update the software package list: sudoaptupdate to install TigerVNC server: sudoaptinstalltigervnc-standalone-servertigervnc-common 2. Configure TigerVNC server to set VNC server password: vncpasswd Start VNC server: vncserver:1-localhostno

Debian mail server firewall configuration tipsApr 13, 2025 am 11:42 AM

Configuring a Debian mail server's firewall is an important step in ensuring server security. The following are several commonly used firewall configuration methods, including the use of iptables and firewalld. Use iptables to configure firewall to install iptables (if not already installed): sudoapt-getupdatesudoapt-getinstalliptablesView current iptables rules: sudoiptables-L configuration

Debian mail server SSL certificate installation methodApr 13, 2025 am 11:39 AM

The steps to install an SSL certificate on the Debian mail server are as follows: 1. Install the OpenSSL toolkit First, make sure that the OpenSSL toolkit is already installed on your system. If not installed, you can use the following command to install: sudoapt-getupdatesudoapt-getinstallopenssl2. Generate private key and certificate request Next, use OpenSSL to generate a 2048-bit RSA private key and a certificate request (CSR): openss

Debian mail server virtual host configuration methodApr 13, 2025 am 11:36 AM

Configuring a virtual host for mail servers on a Debian system usually involves installing and configuring mail server software (such as Postfix, Exim, etc.) rather than Apache HTTPServer, because Apache is mainly used for web server functions. The following are the basic steps for configuring a mail server virtual host: Install Postfix Mail Server Update System Package: sudoaptupdatesudoaptupgrade Install Postfix: sudoapt

See all articles