Subject: Re: Execute script every time a specified user logs
in (FreeB SD 6.1)
Damian Wiest
dwiest at vailsys.com
Tue Jan 23 01:33:00 UTC 2007
> > On Jan 17, 2007, at 18:46 , George Vanev wrote:
>
> >> On 1/17/07, Pieter de Goeje <pieter at degoeje.nl> wrote:
> >>>
> >>> On Wednesday 17 January 2007 11:49, George Vanev wrote:
> >>>> Every time user X (for example) logs in the system I want to execute some script.
> >>>> The user must not have the permission to change this behavior.
> >>>> Also the script must be run as root.
> >>>> Something like crontab, but depending on logins, not time
> >>>>
> >>>> Any ideas?!
> >>> If this user logs in via SSH you can use the ForceCommand keyword in
> >>> sshd_config(5) to execute your script. The root part can be
> >>> achieved with sudo(8) .
> >>>
> >>> Regards,
> >>> Pieter de Goeje
> >>>
> >>
> >> Thanks, nice idea. But it seems I can't use it.
> >> Let me be more specific:
> >> If user X logs in then I want to run "/usr/bin/script -aq /path/user_X"
> >> The file user_X must be protected from modifying/deleting
> >>
> >> Could this be done?!
> >>
> >> --
> >> George Vanev
> A simple technique is to have /etc/profile check for user X and for him
> source another file (containing the commands which X can't modify). Have root
> own this file and allow all others to only read and execute it. sudo is unnecessary.
> This is inelegant in that it has a general and widely used file look for special cases,
> but that is something that almost all programs do. This inelegancy is present in other
> places in UNIX .
FWIW if you're really feeling up to it you can simply craft your own
shell for the user. You can write a short C program that forks a
process, and call execve() with your script in the child, and then
execve() with their desired shell in the parent.
I'm probably mistaken about this, but I didn't think /etc/profile was
necessarily executed should someone login via ssh.
-Damian
More information about the freebsd-questions
mailing list