Solved

How to trap who is running a script and log it?

Posted on 2011-02-14
8
449 Views
Last Modified: 2012-05-11
Hello,

I have a script that can be executed by processes or users on our AIX box, the script contains the following:

#!/bin/sh
DLC=${DLC-/usr1/dlc};export DLC
PROSHUT=${PROSHUT-$DLC/bin/_mprshut}
trap "" 13
exec $PROSHUT "$@"

Open in new window


How can I edit the above code so that it traps which process or user is running the script and log it to a file? Would there be something I can add to the code in the original file?

Thanks.
0
Comment
Question by:mirde
8 Comments
 
LVL 40

Expert Comment

by:omarfarid
ID: 34889969
you can add line at the beginning of the script

username >> /path/to/logfile

the file logfile should be writable by all users
0
 
LVL 1

Expert Comment

by:ltost
ID: 34890000
Sure, just put something like this into it:
echo `date`  `whoami` >> /tmp/spy.out

Open in new window


That will log the user with a timestamp to the file /tmp/spy.out
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 250 total points
ID: 34890200
Hi,

the drawback of the above solutions is that the logfile must be writeable by all users, so all users can manipulate it.

I'd suggest using syslog.

Add a line to /etc/syslog.conf like:

local3.info /var/adm/local3.log

Then issue:

touch  /var/adm/local3.log
and
refresh -s syslogd

Now add to your script:

logger -t "$0" -p local3.info "Run by user $(whoami) with PID $$ on $(hostname)"

Take care that your script itself is not writeable by anybody but root.

wmp

0
ScreenConnect 6.0 Free Trial

Explore all the enhancements in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

 
LVL 77

Expert Comment

by:arnold
ID: 34891889
There are many options.
Is this an SUID script.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 34892000
AIX does not support SUID scripts.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 34894391
There are almost no *nix versions that support SUID scripts.

woolmilkporc's solution is the best as you can restrict the permissions on the log file.
0
 
LVL 77

Expert Comment

by:arnold
ID: 34897027
You could have each user append data to a <username> named file and have a process that monitors this directory that would take the data and add it into a file that the users/processes  have no access to.
0
 

Author Closing Comment

by:mirde
ID: 34967106
worked like a charm
0

Featured Post

ScreenConnect 6.0 Free Trial

At ScreenConnect, partner feedback doesn't fall on deaf ears. We collected partner suggestions off of their virtual wish list and transformed them into one game-changing release: ScreenConnect 6.0. Explore all of the extras and enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Background Still having to process all these year-end "csv" files received from all these sources (including Government entities), sometimes we have the need to examine the contents due to data error, etc... As a "Unix" shop, our only readily …
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

822 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question