Granting a new employee access to Ubuntu Server

Posted on 2013-09-10
Medium Priority
Last Modified: 2016-07-10

We are bringing on an extra pair of hands to work on our systems.

We have a Ubuntu server - I have root access and I wish to grant the new employee access via SSH also.

Is there anyway to monitor what (files) changes under their login session(s)? Is there a monitoring package??

Also, what privileges should I grant them?

Im a bit new on this, but I have root access.

Question by:intangiblemedia
LVL 31

Expert Comment

ID: 39480075
If you have created a regular account for them on Linux, they should be able to create/access files in their own directory.  They cannot access any admin command unless you provide them access through sudo.

Do you want to monitor the files they create/modify under their own account?

Author Comment

ID: 39480178
Yes, I would like to do so.


LVL 35

Assisted Solution

by:Duncan Roe
Duncan Roe earned 400 total points
ID: 39596635
Take a look at man inotifywatch and man inotifywait
Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

LVL 51

Accepted Solution

Steve Bink earned 1600 total points
ID: 39599132
To expound a bit on duncan_roe's suggestion, take a look at this script I use in one of my development projects:
$> cat wait_for_change.sh
inotifywait -e close_write -e move -e create -e delete -mr \
  /var/www/my_monitored_directory | while read dir event file
    # looking for any changed file that isn't publisher.wsgi
    # and is not in a log directory, and doesn't end with .log
    if [ "$file" != "publisher.wsgi" ] && [[ $dir != */log/*  &&  $file != *.log ]]
      touch /var/www/my_monitored_directory/publisher.wsgi
      echo "touched pub because $file reported $event"

Open in new window

The idea is pretty simple.  WSGI automatically refreshes an application if it detects a change, but its change detection is pretty narrow - it does not watch every single include you might have.  So, I used inotify to watch the entire directory (including sub-directories).  If it detects a change in any file that is not a) the actual WSGI application or b) part of the logging system, it updates the timestamp on my WSGI app using touch.  When I run this script, I can edit any file in my app's tree and always know my running app is fresh.

Note that I touch the file, and echo out the caught event.  You could easily echo that to a log for your later reading pleasure.

inotify is part of the inotify-tools package.  You can usually install it with apt-get, or dpkg:
$> dpkg --list *inotify*
| Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                            Version                         Description
ii  inotify-tools                   3.13-3                          command-line programs providing a simple interface to inotify
ii  libinotifytools0                3.13-3                          utility wrapper around inotify

Open in new window

LVL 51

Expert Comment

by:Steve Bink
ID: 41698878
LVL 35

Expert Comment

by:Duncan Roe
ID: 41699658
Agree most of the points should go to https:#a39599132, but a small share also to https:#a39596635 on which the main answer builds

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
This installment of Make It Better gives Media Temple customers the latest news, plugins, and tutorials to make their Grid shared hosting experience that much smoother.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question