Howto run privileged commands on login/logout
freebsd at edvax.de
Sun Feb 7 15:21:38 UTC 2010
On Sun, 07 Feb 2010 01:55:02 +0100, Erik Norgaard <norgaard at locolomo.org> wrote:
> I'm playing around with diskless operation. I'd like to be able to run
> privileged commands when a user logins or logs out:
You can handle this in two ways:
a) On a per-user basis, you can use the user's ~/.login and
~/.logout files; those are corresponding to the C Shell,
and assuming that csh is the dialog shell for the user.
b) On an all-users basis, you can use /etc/csh.login and
/etc/csh.logout to have all users perform the commands
you want to run.
> - on login, nfs mount the user's home directory (ok, not critical, I can
> mount /home)
As it has already been mentioned, it is easy to use amd
and / or automounter tool for that.
> - on logout a system reboot to clean up any temporary files left from
> the session.
A system reboot? To clean up temporary files? Caused by
an "ordinary" user? Excuse me, Sir, what strange country
are you from? :-)
Honestly, that's not neccessary. If you want to make sure
that all temporary files belonging to a specific user are
deleted upon user logout, you can simply let him do it by
his ~/.logout script, e. g. using "rm -rf /tmp"; this might
sound very violent, but it will only delete the user's
files from the /tmp subtree.
There are very few occassions you HAVE to reboot a BSD machine.
Cleaning temporary files is *not* one of them, especially
if you don't have clear_tmp_enable set to "YES" in /etc/rc.conf.
If temporary files are left in other directories you know
of, you can clean them as well.
> Is this possible, without messing arround with sudo or adding users to
> wheel or operator groups?
Of course. You can edit the permissions for the programs
you explicitely want to allow "ordinary" users to run,
e. g. the /sbin/shutdown binary.
A sidenote: If we're talking about X, the GiveConsole and
TakeConsole in /usr/local/lib/X11/xdm/ can be used. Those
are shell scripts that allow chown'ing and chmod'ing files
to specific users, as well as other things.
I know that a problem may occur when multiple users log in.
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
More information about the freebsd-questions