Date: Thu, 18 Jan 2007 02:44:50 GMT From: "gs_stoller@juno.com" <gs_stoller@juno.com> To: pieter@degoeje.nl, George.Vanev@gmail.com Cc: freebsd-questions@freebsd.org Subject: Subject: Re: Execute script every time a specified user logs in (FreeB SD 6.1) Message-ID: <20070117.184525.20085.1692098@webmail29.nyc.untd.com>
next in thread | raw e-mail | index | archive | help
----__JWM__J2781.446bS.794bM Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Content-Type: text/plain A simple technique is to have /etc/profile check for user X and for= him source another file (containing the commands which X can't modify). H= ave root = own this file and allow all others to only read and execute it. sudo = is unnecessary. This is inelegant in that it has a general and widely used file look for= special cases, but that is something that almost all programs do. This inelegancy is p= resent in other places in UNIX . The text of the preceding emails is attached. ----__JWM__J2781.446bS.794bM Content-Type: text/plain Content-Description: login.tx.txt Content-Disposition: attachment; filename="login.tx.txt" Content-Transfer-Encoding: quoted-printable On 17 Jan 2007 21:42:49, Todor Dragnev <todor.dragnev@gmail.com> wrote = To: George.Vanev@gmail.com Cc: Pieter de Goeje <pieter@degoeje.nl>, freebsd-questions@freebsd.org > You can attach script to auth.info;authpriv.info in syslog.conf and = > listen for login events... > man syslog.conf(5) - look for vertical bar(pipe) functionality > On Jan 17, 2007, at 18:46 , George Vanev wrote: >> On 1/17/07, Pieter de Goeje <pieter@degoeje.nl> wrote: >>> >>> On Wednesday 17 January 2007 11:49, George Vanev wrote: >>>> Every time user X (for example) logs in the system I want to execut= e some script. >>>> The user must not have the permission to change this behavior. >>>> Also the script must be run as root. >>>> Something like crontab, but depending on logins, not time >>>> >>>> Any ideas?! >>> If this user logs in via SSH you can use the ForceCommand keyword in= >>> sshd_config(5) to execute your script. The root part can be >>> achieved with sudo(8) . >>> >>> Regards, >>> Pieter de Goeje >>> >> >> Thanks, nice idea. But it seems I can't use it. >> Let me be more specific: >> If user X logs in then I want to run "/usr/bin/script -aq /path/user_= X" >> The file user_X must be protected from modifying/deleting >> >> Could this be done?! >> >> -- >> George Vanev A simple technique is to have /etc/profile check for user X and for= him source another file (containing the commands which X can't modify). H= ave root own this file and allow all others to only read and execute it. sudo = is unnecessary. This is inelegant in that it has a general and widely used file look for= special cases, but that is something that almost all programs do. This inelegancy is p= resent in other places in UNIX . ----__JWM__J2781.446bS.794bM--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070117.184525.20085.1692098>