Forum: CFEngine Help Subject: Re: how to include username in file change detection policy Author: mvpel Link to topic: https://cfengine.com/forum/read.php?3,24807,24846#msg-24846
I think what you're looking for is the auditing capabilities of the system, rather than inherent CFengine functionality. By the time CFengine notices the change, the person who actually did it might be long gone. Audting, however, can keep a record of accesses to whatever files you're interested in. Check out this link for details: http://www.cyberciti.biz/tips/linux-audit-files-to-see-who-made-changes-to-a-file.html If you enable auditing for the target file, then you could perhaps have CFengine query the audit records with "ausearch" to figure out which user, or users, accessed or changed the file. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
