• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 464
  • Last Modified:

How to trap who is running a script and log it?

Hello,

I have a script that can be executed by processes or users on our AIX box, the script contains the following:

#!/bin/sh
DLC=${DLC-/usr1/dlc};export DLC
PROSHUT=${PROSHUT-$DLC/bin/_mprshut}
trap "" 13
exec $PROSHUT "$@"

Open in new window


How can I edit the above code so that it traps which process or user is running the script and log it to a file? Would there be something I can add to the code in the original file?

Thanks.
0
mirde
Asked:
mirde
1 Solution
 
omarfaridCommented:
you can add line at the beginning of the script

username >> /path/to/logfile

the file logfile should be writable by all users
0
 
ltostCommented:
Sure, just put something like this into it:
echo `date`  `whoami` >> /tmp/spy.out

Open in new window


That will log the user with a timestamp to the file /tmp/spy.out
0
 
woolmilkporcCommented:
Hi,

the drawback of the above solutions is that the logfile must be writeable by all users, so all users can manipulate it.

I'd suggest using syslog.

Add a line to /etc/syslog.conf like:

local3.info /var/adm/local3.log

Then issue:

touch  /var/adm/local3.log
and
refresh -s syslogd

Now add to your script:

logger -t "$0" -p local3.info "Run by user $(whoami) with PID $$ on $(hostname)"

Take care that your script itself is not writeable by anybody but root.

wmp

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
arnoldCommented:
There are many options.
Is this an SUID script.
0
 
woolmilkporcCommented:
AIX does not support SUID scripts.
0
 
TintinCommented:
There are almost no *nix versions that support SUID scripts.

woolmilkporc's solution is the best as you can restrict the permissions on the log file.
0
 
arnoldCommented:
You could have each user append data to a <username> named file and have a process that monitors this directory that would take the data and add it into a file that the users/processes  have no access to.
0
 
mirdeAuthor Commented:
worked like a charm
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now