Solved

Telnet eviction script ofr AIX and scheduleing with cron

Posted on 1998-02-19
19
871 Views
Last Modified: 2013-12-23
We are running AIX and need a script to kill a telnet connection by user name.  The syntax needs to be EVICT <Login Name>.  The script needs to go find all entrys for that user and kill the sessions.  There will be two that need to be killed.
  The first will be "imsrun" which needs a kill -15
  The second is the shell which will need a kill -9

The manual way we do this is:

We Type:
ps -futest

Output:
  UID  PID     PPID   C      STIME          TTY    TIME  CMD
test  69054   93078  0  07:54:18  pts/13  0:43  imsrun LOGON
test  93078   53140  0  07:54:15  pts/13  0:00  -bsh

We Type:
kill -15 69054
kill -9 93078


That kills the session.  It would also be nice to kill the telnet daemon if possible.

The second part is a script that gets the list of currently logged in users and calls the first script to kill each one except several that need to stay logged in.  I also need to know how to schedule this for 23:00 using cron.

Thanks for the help.
0
Comment
Question by:unitymtg
  • 11
  • 8
19 Comments
 
LVL 32

Expert Comment

by:jhance
Comment Utility
Here are two /bin/sh scripts which should do the job:

First, evict.sh

#!/bin/sh

echo "Evicting $1"
PROCS=`ps -fu $1`
for i in "$PROCS"
do
        PID2KILL=`echo "$i" | awk '{ print $2}'`
        for j in $PID2KILL
        do
                if [ "$j" != "PID" ]
                then
                        echo  "kill -9 $j"
                fi
        done
done


and then kill-users.sh

!/bin/sh

USERS=`who`
EXCEPT=root

for i in "$USERS"
do
        NAME=`echo "$i" | awk '{ print $1 }'`
        NAME=`echo "$NAME" | sort -u`
        for j in $NAME
        do
                if [ $j != $EXCEPT ]
                then
                        evict.sh $j
                fi
        done
done

To schedule this at 2300, dump your current crontab like this:

crontab -l >my_crontab

edit my_crontab and add a line like:

0 23 * * * /path/to/kill-users.sh

then load it into your crontab with crontab <my_crontab

That should do it...
0
 

Author Comment

by:unitymtg
Comment Utility
Two questions before I accept the answer.  1. Where does the kill -15 to the imsrun process come into play? 2. How do I add more users to the exception list?

Thanks,
Rob
0
 
LVL 32

Expert Comment

by:jhance
Comment Utility
!/bin/sh

USERS=`who`
EXCEPT=root joe bob fred

for i in "$USERS"
do
        NAME=`echo "$i" | awk '{ print $1 }'`
        NAME=`echo "$NAME" | sort -u`
        for j in $NAME
        do
            DOKILL=1
            for k in $EXCEPT
            do
                      if [ $j == $k ]
                      then
                              DOKILL=0
                      fi
            done

            if [ $DOKILL == 1 ]
            then
                  evict.sh $j
            fi
        done
done

As far as killing imsrun with "-15" you could do this:


#!/bin/sh

echo "Evicting $1"
PROCS=`ps -fu $1`
for i in "$PROCS"
do
        PID2KILL=`echo "$i" | awk '{ print $2}'`
      PROC=`echo "$i" | awk '{ print $8}'`
        for j in $PID2KILL
        do
                if [ "$j" != "PID" ]
                then
                  if [ $PROC = "imsrun" ]
                  then
                        kill -15 $j
                  else
                              kill -9 $j
                  fi
                fi
        done
done
0
 
LVL 32

Expert Comment

by:jhance
Comment Utility
Let me also suggest a good book:

Unix Shell Programming by Kochan and Wood.  Hayden Books, ISBN 0-672-48448-X
0
 

Author Comment

by:unitymtg
Comment Utility
Thanks for the help.  I'll try it tonight and accept your answer if it works.

Thanks,
Rob
0
 

Author Comment

by:unitymtg
Comment Utility
Thanks, I'll get the book.  The script almost works.  This last problem again relates to the kill -15 or kill -9.  PID2KILL and PROC contain a list of the processes (plus the header) and the CMD repectively.  The script steps through the PID2KILL variable but not the PROC variable so the  if [ $PROC = "imsrun" ]  statement is alway false.  $PROC contains:

CMD
imsrun LOGON
-bsh

.  How do we step through the PROC variable at the same time that we step through the PID2KILL or tie the current PID to the current PROC?

Thanks,
Rob
0
 
LVL 32

Expert Comment

by:jhance
Comment Utility
I had a typo in the following if [ $PROC = "imsrun" ] line:

if [ $PROC == "imsrun" ]


0
 

Author Comment

by:unitymtg
Comment Utility
FOund one logic problem.  If the shell was the first process encountered, the shell will be killed before the imsrun process.  I will therefore run through the PID2KILL list twice, first for the imsrun processes, then for the shells.
 Therefore, I decided to get the imsrun part working first.  I entered the following code into a script in the bin directoryy called "evict"

#!/bin/sh

echo "Evicting $1"
PROCS=`ps -fu $1`
for i in "$PROCS"
  do
    PID2KILL=`echo "$i" | awk '{ print $2}'`
    PROC=`echo "$i" | awk '{ print $8}'`
    for j in "$PID2KILL"
      do
        if [ "$j" != "PID" ]; then
          if [ $PROC == "imsrun" ]; then
            echo "Killing imsrun process# $j"
            kill -15 $j
          fi
        fi
    done
done  

When I run a second telnet session and logon as ga1, then go back to my root user and type "evict ga1", I get the following message:

/usr/bin/evict[12]: imsrun: 0403-012 A test command parameter is not valid.

0
 
LVL 32

Expert Comment

by:jhance
Comment Utility
/usr/bin/evict[12]: imsrun: 0403-012 A test command parameter is not valid.

The test command is the part in "[]" of:

 if [ $PROC == "imsrun" ];

Since "imsrun" is OK, you might put an "echo $PROC" before this and see that is in the variable.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:unitymtg
Comment Utility
I get a line of output before the error that says "CMD -bsh imsrun"
0
 

Author Comment

by:unitymtg
Comment Utility
If I encolse the $PROC in "" then I don't get the error, put =="imsrun" is never try because the list is not being stepped through.
0
 

Author Comment

by:unitymtg
Comment Utility
Sorry about the last comment.  What I was trying to say was that if I enclose the $PROC in "" and remove one of the commas, I do not get an error, but the =="imsrun" portion is never true because the $PROC variable is never being stepped through.
0
 

Author Comment

by:unitymtg
Comment Utility
Sorry about the last comment.  What I was trying to say was that if I enclose the $PROC in "" and remove one of the commas, I do not get an error, but the =="imsrun" portion is never true because the $PROC variable is never being stepped through.
0
 

Author Comment

by:unitymtg
Comment Utility
Sorry again, I meant if I remove one of the "="
0
 
LVL 32

Expert Comment

by:jhance
Comment Utility
Sorry about being slow to get back with you.  I was out of town all day and just got back.  Let me work on this tomorrow and post a correction then.  I'm not at my AIX machine and can't check it for sure...
0
 
LVL 32

Expert Comment

by:jhance
Comment Utility
I just can't get this script to work right under AIX!!  I can get it working under LINUX and SunOS but not on the IBM.  Do you have PERL available?  If so, I'll post a PERL version that works fine.
0
 

Author Comment

by:unitymtg
Comment Utility
 I don't know, but I will find out.  In the mean time, I will reopen the question.  If someone is able to help, I'll give you the 400 points and give them 50 or something.  Hope that's OK with you.
  If someone else can get the script working, or knows if PERL comes with AIX 4.2.6 I would appriciate help.

THanks,
Rob
0
 
LVL 32

Accepted Solution

by:
jhance earned 400 total points
Comment Utility
OK, I think I've got this now...


#!/bin/sh
IFS="["

echo "Evicting $1"
PROCS=`ps -fu $1 | sed 's/$/[/g' | sed 's/  / /g'`
for i in $PROCS
do
        PID2KILL=`echo $i | awk '{ printf("%s", $2)}'`
        PROC=`echo $i | awk '{ printf("%s", $8)}'`
        if [ $PID2KILL != "PID" ]; then
                if [ $PROC = "imsrun" ]; then
                        echo "kill -15 $PID2KILL"
                        kill -15 $PID2KILL
                else
                        echo "kill -9 $PID2KILL"
                        kill -9 $PID2KILL
                fi
        fi
done
0
 

Author Comment

by:unitymtg
Comment Utility
I got the following script working.  Thank you immensely for your help.

Rob

#!/bin/sh

echo "Evicting $1..."
PROCS=`ps -fu $1 | sed 's/$/[/g' | sed 's/ /[/g'`

for i in $PROCS; do
  IMSPID=`echo $i | awk -F [ '{print $8}'`
  SHLPID=`echo $i | awk -F [ '{print $10}'`
  PROC=`echo $i | awk -F [ '{print $19}'`

  if [ "$PROC" = "imsrun" ]; then
    echo "Killing imsrun process #$IMSPID..."
    kill -15 $IMSPID
    echo "Killing shell process #$SHLPID..."
    kill -9 $SHLPID
  fi
done

0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
MAC Needs 2 Domains 2 42
Monitor bandwidth 3 35
Network Config 9 52
Homegroup issues 6 34
Article by: IanTh
Hi Guys After a whole weekend getting wake on lan over the internet working, I thought I would share the experience. Your firewall has to have a port forward for port 9 udp to your local broadcast x.x.x.255 but if that doesnt work, do it to a …
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now