Solved

How to trap who is running a script and log it?

Posted on 2011-02-14
8
450 Views
Last Modified: 2012-05-11
Hello,

I have a script that can be executed by processes or users on our AIX box, the script contains the following:

#!/bin/sh
DLC=${DLC-/usr1/dlc};export DLC
PROSHUT=${PROSHUT-$DLC/bin/_mprshut}
trap "" 13
exec $PROSHUT "$@"

Open in new window


How can I edit the above code so that it traps which process or user is running the script and log it to a file? Would there be something I can add to the code in the original file?

Thanks.
0
Comment
Question by:mirde
8 Comments
 
LVL 40

Expert Comment

by:omarfarid
ID: 34889969
you can add line at the beginning of the script

username >> /path/to/logfile

the file logfile should be writable by all users
0
 
LVL 1

Expert Comment

by:ltost
ID: 34890000
Sure, just put something like this into it:
echo `date`  `whoami` >> /tmp/spy.out

Open in new window


That will log the user with a timestamp to the file /tmp/spy.out
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 250 total points
ID: 34890200
Hi,

the drawback of the above solutions is that the logfile must be writeable by all users, so all users can manipulate it.

I'd suggest using syslog.

Add a line to /etc/syslog.conf like:

local3.info /var/adm/local3.log

Then issue:

touch  /var/adm/local3.log
and
refresh -s syslogd

Now add to your script:

logger -t "$0" -p local3.info "Run by user $(whoami) with PID $$ on $(hostname)"

Take care that your script itself is not writeable by anybody but root.

wmp

0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
LVL 77

Expert Comment

by:arnold
ID: 34891889
There are many options.
Is this an SUID script.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 34892000
AIX does not support SUID scripts.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 34894391
There are almost no *nix versions that support SUID scripts.

woolmilkporc's solution is the best as you can restrict the permissions on the log file.
0
 
LVL 77

Expert Comment

by:arnold
ID: 34897027
You could have each user append data to a <username> named file and have a process that monitors this directory that would take the data and add it into a file that the users/processes  have no access to.
0
 

Author Closing Comment

by:mirde
ID: 34967106
worked like a charm
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Background Still having to process all these year-end "csv" files received from all these sources (including Government entities), sometimes we have the need to examine the contents due to data error, etc... As a "Unix" shop, our only readily …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question