Subject: Re: Execute script every time a specified user logs
in (FreeB SD 6.1)
gs_stoller at juno.com
gs_stoller at juno.com
Thu Jan 18 02:47:11 UTC 2007
A simple technique is to have /etc/profile check for user X and for him
source another file (containing the commands which X can't modify). Have root
own this file and allow all others to only read and execute it. sudo is unnecessary.
This is inelegant in that it has a general and widely used file look for special cases,
but that is something that almost all programs do. This inelegancy is present in other
places in UNIX .
The text of the preceding emails is attached.
-------------- next part --------------
On 17 Jan 2007 21:42:49, Todor Dragnev <todor.dragnev at gmail.com> wrote
To: George.Vanev at gmail.com
Cc: Pieter de Goeje <pieter at degoeje.nl>, freebsd-questions at freebsd.org
> You can attach script to auth.info;authpriv.info in syslog.conf and
> listen for login events...
> man syslog.conf(5) - look for vertical bar(pipe) functionality
> On Jan 17, 2007, at 18:46 , George Vanev wrote:
>> On 1/17/07, Pieter de Goeje <pieter at degoeje.nl> wrote:
>>>
>>> On Wednesday 17 January 2007 11:49, George Vanev wrote:
>>>> Every time user X (for example) logs in the system I want to execute some script.
>>>> The user must not have the permission to change this behavior.
>>>> Also the script must be run as root.
>>>> Something like crontab, but depending on logins, not time
>>>>
>>>> Any ideas?!
>>> If this user logs in via SSH you can use the ForceCommand keyword in
>>> sshd_config(5) to execute your script. The root part can be
>>> achieved with sudo(8) .
>>>
>>> Regards,
>>> Pieter de Goeje
>>>
>>
>> Thanks, nice idea. But it seems I can't use it.
>> Let me be more specific:
>> If user X logs in then I want to run "/usr/bin/script -aq /path/user_X"
>> The file user_X must be protected from modifying/deleting
>>
>> Could this be done?!
>>
>> --
>> George Vanev
A simple technique is to have /etc/profile check for user X and for him
source another file (containing the commands which X can't modify). Have root
own this file and allow all others to only read and execute it. sudo is unnecessary.
This is inelegant in that it has a general and widely used file look for special cases,
but that is something that almost all programs do. This inelegancy is present in other
places in UNIX .
More information about the freebsd-questions
mailing list