how can i enable logging to a file every time as user uses the su command to switch to root or any other user?
Previously i was achieving this by adding an entry to cs-auth file as below
echo "session required pam_unix.so" >> /etc/pam.d/cs-auth
But in the CentOS release 6.6 release i have a system-auth file so what change needs to be made to system-auth file such that i can enable su logging?
Found a similar question but no suitable answer. Linux Log all the su to root messages
su logging is by default present in centos 6.6 machine and can be added by adding the below entry
echo "session required pam_unix.so"
to /etc/pam.d/system-auth and logs are present in the file /var/log/secure.