Subject: Re: Execute script every time a specified user logs in (FreeB SD 6.1)

gs_stoller at juno.com gs_stoller at juno.com
Thu Jan 18 02:47:11 UTC 2007 

 A simple technique is to have  /etc/profile  check for user  X  and for him
source another file (containing the commands which  X  can't modify).  Have  root 
own this file and allow all others to only read and execute it.   sudo  is unnecessary.
This is inelegant in that it has a general and widely used file look for special cases,
but that is something that almost all programs do.  This inelegancy is present in other
places in  UNIX .
The text of the preceding emails is attached.
-------------- next part --------------

On 17 Jan 2007 21:42:49, Todor Dragnev <todor.dragnev at gmail.com>  wrote
To: George.Vanev at gmail.com
Cc: Pieter de Goeje <pieter at degoeje.nl>, freebsd-questions at freebsd.org

> You can attach script to auth.info;authpriv.info in syslog.conf and  
> listen for login events...

> man syslog.conf(5) - look for vertical bar(pipe) functionality


> On Jan 17, 2007, at 18:46 , George Vanev wrote:

>> On 1/17/07, Pieter de Goeje <pieter at degoeje.nl> wrote:
>>>
>>> On Wednesday 17 January 2007 11:49, George Vanev wrote:
>>>> Every time user X (for example) logs in the system I want to execute some script.
>>>> The user must not have the permission to change this behavior.
>>>> Also the script must be run as root.
>>>> Something like crontab, but depending on logins, not time
>>>>
>>>> Any ideas?!
>>> If this user logs in via SSH you can use the ForceCommand keyword in
>>> sshd_config(5) to execute your script. The root part can be  
>>> achieved with  sudo(8) .
>>>
>>> Regards,
>>> Pieter de Goeje
>>>
>>
>> Thanks, nice idea. But it seems I can't use it.
>> Let me be more specific:
>> If user X logs in then I want to run "/usr/bin/script -aq /path/user_X"
>> The file user_X must be protected from modifying/deleting
>>
>> Could this be done?!
>>
>> -- 
>> George Vanev
	A simple technique is to have  /etc/profile  check for user  X  and for him
source another file (containing the commands which  X  can't modify).  Have  root 
own this file and allow all others to only read and execute it.   sudo  is unnecessary.
This is inelegant in that it has a general and widely used file look for special cases,
but that is something that almost all programs do.  This inelegancy is present in other
places in  UNIX .

More information about the freebsd-questions mailing list