09-22-2011
Well, for starters, your password's probably visible to anyone on the system who cares to run ps aux right now. (or whatever ps options for your system show the commandline parameters.) Putting it in a file nixes that.
As for file permissions, you could make the file owned by ldap or something and set 600, so only that user (or root) can read it. Then don't let anyone login to that account. And use sudo to run ldapsearch as that special user.
Nobody can get the password file unless they jump through your hoops, and the one way they're allowed to use it won't hand them the contents.
It won't be protected from root, of course. If the program needs to be given the password as plaintext, you can't protect the password from root, period.
Last edited by Corona688; 09-22-2011 at 02:48 PM..
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
There are 2 shell script files sh1 and sh2.
sh2 contains records such as 01 02 03 on different lines.
In sh1, I would like to read each record of sh2 till end of file, concatenate them with a comma(,) and store in a variable.
Can somebody please help me with the sh1 script?
Thanks in... (2 Replies)
Discussion started by: shsandeep
2 Replies
2. Shell Programming and Scripting
There are 2 shell script files sh1 and sh2.
sh2 contains records such as 01 02 03 on different lines.
In sh1, I would like to read each record of sh2 till end of file, concatenate them with a comma(,) and store in a variable.
Can somebody please help me with the sh1 script?
Thanks in... (6 Replies)
Discussion started by: shsandeep
6 Replies
3. Shell Programming and Scripting
I've just written a test harness using ksh.
One of scripts weighed in at 1206 lines.
I came across Eric Raymonds 'Art of Unix programming' on line and he advises against excessively large scripts.
I am very interested to hear people's opinions on this and any experiences they have had. (2 Replies)
Discussion started by: OFFSIHR
2 Replies
4. UNIX for Dummies Questions & Answers
Is HP UNIX and Korn different flavours of unix?
can a korn shell script be written on HP Unix? (4 Replies)
Discussion started by: soujanya_srk
4 Replies
5. IP Networking
Hi guys,
I very appreciate for answering to my previous query.
I have encountered another problem.I have a perl script to display required networking information like DNS,gateway,etc. to be changed in a remote computer which is to be added to a computing cluster.
I need a script which... (0 Replies)
Discussion started by: pranav.mehta3
0 Replies
6. Shell Programming and Scripting
I need to apply password protection to a xls file.I had looked at SpreadSheet::WriteExcel but problem being i dont want to write the contents of file again as the formatting the file would be a pain.
Is there way in which i write a entire file in one go , something like this
... (0 Replies)
Discussion started by: dinjo_jo
0 Replies
7. Red Hat
Hi there everyone. I'm trying to make a bash script that accepts some arguments ans give's back some info about LDAP users and servers.
I have this function :
has_group_access(){
result=$(ldapsearch -LLL "cn=${GROUP_NAME}" cn member | cut -d"," -f1 | cut -d":" -f2 | cut -d"=" -f2 | grep... (1 Reply)
Discussion started by: theboogymaster
1 Replies
8. Shell Programming and Scripting
Hi
$ cat ad.sh
ldapsearorg -x -LLL -h sb1131z.testbadbigcorp.org -D "CN=ADMINZZ,OU=AdminRoles,DC=testbadbigcorp,DC=org" -w "UT3w4f57lll--4...4" -b "OU=Test,DC=testbadbigcorp,DC=org" "(&(&(&(&(objectCategory=person)(objectClass=user)(lockoutTime:1.2.840.113556.1.4.804:=4294967295)))))" dn$... (3 Replies)
Discussion started by: slashdotweenie
3 Replies
9. Programming
Hello,
I am new on PHP scripting .I have shell scripts which I an running currently from linux server but now I want to make a web portal from where I will run all my scripts but the problem is all my scripts ask for parameters so I am getting confused how could I run my shell script from web... (2 Replies)
Discussion started by: anuragpgtgerman
2 Replies
10. Shell Programming and Scripting
I have to hit a very large database to pull fields of information.
I have a script that runs multiple instance of the same query against the data base and writes contents to a file.
The script terminates before the file is completely written to confirmed by
ps -ef | grep <script name>... (3 Replies)
Discussion started by: popeye
3 Replies
LEARN ABOUT CENTOS
monitor
MONITOR(8) System Manager's Manual MONITOR(8)
NAME
monitor - Directory Server script for monitoring database performance
SYNOPSIS
monitor [ -Z serverID ] [ -D rootdn ] [ -w password ] [ -b basedn ] [-P protocol] [-h]
DESCRIPTION
Retrieves performance monitoring information. To run this script, the server must be running.
OPTIONS
A summary of options is included below:
-Z Server Identifier
The server ID of the Directory Server instance. If there is only one instance on the system, this option can be skipped.
-D Root DN
The Directory Manager DN, or root DN. If not specified, the script will search the server instance configuration for the value.
-w password
The rootdn password.
-b basedn
The DN of a backend from cn=config.
-P Protocol
The connection protocol to connect to the Directory Server. Protocols are STARTTLS, LDAPS, LDAPI, and LDAP. If this option is
skipped, the most secure protocol that is available is used. For LDAPI, AUTOBIND is also available for the root user.
-h
Display the usage.
EXAMPLE
monitor -P STARTTLS
Note: security must be enabled to use protocol STARTTLS. If STARTTLS is not available it will default to next strongest/available
protocol automatically.
monitor -Z instance2 -D 'cn=directory manager' -w password -b 'cn=monitor,cn=userRoot,cn=ldbm database,cn=plugins,cn=config'
Note: You only need to bind as the root DN if you want to look at a backend monitor.
DIAGNOSTICS
Exit status is zero if no errors occur. Errors result in a non-zero exit status and a diagnostic message being written to standard error.
AUTHOR
monitor was written by the 389 Project.
REPORTING BUGS
Report bugs to http://bugzilla.redhat.com.
COPYRIGHT
Copyright (C) 2013 Red Hat, Inc.
Mar 5, 2013 MONITOR(8)