The su command by default makes an entry into the log file for every su command attempt. The
following is a single line from the file:
SU 12/18 23:20 + pts/1 user1-root
What does the + sign represent?
A. unsuccessful attempt
B. successful attempt
C. The attempt was from a pseudo terminal, and not the console.
D. The attempt was from a user that is in the adm group, same as root.
E. Time zone is not set.
Explanation:
The sulog file, /var/adm/sulog, is a log containing all attempts (whether successful or
not) of the su command. An entry is added to the sulog file every time the su command is
executed. The fields in sulog are: date, time, successful (+) or unsuccessful (-), port, user
executing the su command, and user being switched to. In the preceding example, all su attempts
were successful, except for the attempt on 2/23 at 20:51, when user pete unsuccessfully
attempted to su to user root.
Look for entries where an unauthorized user has used the command inappropriately. The following
entry shows a successful (indicated by +) su from user userid to root.
SU 03/31 12:52 + pts/0 <userid>-root
Reference: /var/log/sulog, Solaris System Logs
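The field layout described above can be checked mechanically. The following is an added example, not part of the original question or the Solaris documentation: it parses sulog lines and flags su-to-root by accounts outside an allow-list, plus repeated failures. The allow-list, the failure threshold, the function names and all sample lines except the first are constructed assumptions.

```python
import re
from collections import Counter

# Field layout from the explanation: SU date time +/- port fromuser-touser
SULOG_RE = re.compile(
    r"^SU\s+(?P<date>\d{1,2}/\d{1,2})\s+(?P<time>\d{1,2}:\d{2})\s+"
    r"(?P<result>[+-])\s+(?P<port>\S+)\s+(?P<users>\S+)$"
)

def parse_sulog_line(line):
    """Return a dict for one sulog entry, or None if the line does not match."""
    m = SULOG_RE.match(line.strip())
    if not m:
        return None
    # Assumption: the target account name has no hyphen, so split on the last one.
    src, sep, dst = m.group("users").rpartition("-")
    if not (sep and src and dst):
        return None
    return {"date": m.group("date"), "time": m.group("time"),
            "success": m.group("result") == "+", "port": m.group("port"),
            "from": src, "to": dst}

def review(lines, allowed_to_root, fail_threshold=3):
    """Flag su-to-root by accounts not in allowed_to_root, and repeated failures."""
    findings, failures = [], Counter()
    for n, line in enumerate(lines, 1):
        if not line.strip():
            continue
        e = parse_sulog_line(line)
        if e is None:
            findings.append((n, "unparsed", line.strip()))
            continue
        if e["to"] == "root" and e["from"] not in allowed_to_root:
            kind = "success" if e["success"] else "failure"
            findings.append((n, "unauthorized-root-" + kind, e["from"]))
        if not e["success"]:
            pair = (e["from"], e["to"])
            failures[pair] += 1
            if failures[pair] == fail_threshold:  # report once, at the threshold
                findings.append((n, "repeated-failure", "%s->%s" % pair))
    return findings

# First line is the entry from the question; the rest are constructed samples.
SAMPLE = """SU 12/18 23:20 + pts/1 user1-root
SU 12/18 23:41 - pts/2 user2-root
SU 12/18 23:42 - pts/2 user2-root
SU 12/18 23:42 - pts/2 user2-root
SU 12/19 08:05 + console root-user1
garbage line""".splitlines()

if __name__ == "__main__":
    for finding in review(SAMPLE, allowed_to_root={"user1"}):
        print(finding)
```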
B