|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Check when user exits SUDO
Post 302653669 by ZeroBR on Saturday 9th of June 2012 06:00:36 PM
06-09-2012
Check when user exits SUDO
Hello to everyone,
I'm new here and would like to thank everybody for the upcoming support, I know that I will have my question answered here, this community is huge.
First of all, I´m a DBA and work on a daily basis on Unix environments of all kinds (HP-UX, Solaris, AIX, etc). I have low knowledge on UNIX since I started messing with it for a short while.
Although I'm a DBA, I'm very curious to learn UNIX and Linux, because I used Windows for my entire life, now that I was introduced to UNIX I'm finding it awesome.
I have a question that you might help me with it:
For example, I have my username and password on all UNIX environments that we work, and to do DBA tasks, we must "sudo su - oracle" (to gain access to oracle user permissions), to do things related to oracle binaries.
What I'm trying to accomplish is, when we got our oracle crontab altered, when I do the first "exit" command (to exit sudo of oracle), I want to check that something is changed on the cron (like a commented line) and give me a warning message.
For example:
I'm logged into Oracle user by sudo'ing it. I edit the crontab (crontab -e), I put a # to comment a line on the cron then save it (we usually to this to avoid jobs running and erroring due to maintenance window). When I log out of Oracle by issuing "Exit", is there any way to display something like this:
"There is a commented job on your crontab, please check".
Well, of course my script will not have a history of the cron and will not do analysis of what actually is the current job commented. But only check for a special character (like #) or if something changed since the last login to oracle user.
Is that possible? I have little to almost none knowledge of shell scripting, so a patient explanation might be necessary.
Thank you very much for your support.
I'm new here and would like to thank everybody for the upcoming support, I know that I will have my question answered here, this community is huge.
First of all, I´m a DBA and work on a daily basis on Unix environments of all kinds (HP-UX, Solaris, AIX, etc). I have low knowledge on UNIX since I started messing with it for a short while.
Although I'm a DBA, I'm very curious to learn UNIX and Linux, because I used Windows for my entire life, now that I was introduced to UNIX I'm finding it awesome.
I have a question that you might help me with it:
For example, I have my username and password on all UNIX environments that we work, and to do DBA tasks, we must "sudo su - oracle" (to gain access to oracle user permissions), to do things related to oracle binaries.
What I'm trying to accomplish is, when we got our oracle crontab altered, when I do the first "exit" command (to exit sudo of oracle), I want to check that something is changed on the cron (like a commented line) and give me a warning message.
For example:
I'm logged into Oracle user by sudo'ing it. I edit the crontab (crontab -e), I put a # to comment a line on the cron then save it (we usually to this to avoid jobs running and erroring due to maintenance window). When I log out of Oracle by issuing "Exit", is there any way to display something like this:
"There is a commented job on your crontab, please check".
Well, of course my script will not have a history of the cron and will not do analysis of what actually is the current job commented. But only check for a special character (like #) or if something changed since the last login to oracle user.
Is that possible? I have little to almost none knowledge of shell scripting, so a patient explanation might be necessary.
Thank you very much for your support.
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Morning guys, I'm hoping you can advise me as to whether or not the following is possible.
Is there a way of firing off an scp command with a sudo user as the user?
e.g. I am logged onto server1 as smith, but want to pull files from server2 that I can only read as sudo jones.
In my mind it... (3 Replies)
Discussion started by: dlam
3 Replies
2. Linux
Hi all,
What the difference between the sudo users & RBAC when the talk of effects after doing the above comes???
any differences between them ,kindly list ?? (1 Reply)
Discussion started by: saurabh84g
1 Replies
3. AIX
How can I from within a script, find out if that script was started using 'sudo' and by a valid soduer ? (1 Reply)
Discussion started by: Browser_ice
1 Replies
4. AIX
I have installed sudo on AIX 6100-04 and want to know how do I set it up for a user to be able to run only some commands? I want to give the user the rights to only cd to certain directories and run the ls command to name a few? Are there any issues with running sudo when the user is forced to... (2 Replies)
Discussion started by: daveisme
2 Replies
5. UNIX for Dummies Questions & Answers
I am trying to run a command from different user on my server. However when i execute the command it asks for password can you please help.
when i use this command to switch user no password is required
1) sudo su - bilbtf42
when i use
2) sudo su - bilbtf42 cp file1 direcotry1/file1
... (3 Replies)
Discussion started by: blackeyed
3 Replies
6. UNIX for Dummies Questions & Answers
Hi folks,
Here is my question of the day 8-)
I have to provide the ability to sudo su - orapd2 & sudo su - pd2adm for the following people
User A, B, C, D which all of them are part of the group staff.
orapd2 and pd2adm are also users. Users A, B, C, D should not type the password for... (2 Replies)
Discussion started by: 300zxmuro
2 Replies
7. Shell Programming and Scripting
I need to write a script, where I have to get names of files that are to be deleted from a user and have to delete those files when he exits session.
How to set a particular command to be run as soon as user exits from a session?
Can somebody help?
I have to write a script on linux system.... (3 Replies)
Discussion started by: yashashri
3 Replies
8. AIX
Hello All,
I am trying to grant sudo privileges to a set of users (say tom and jerry) to sudo to another set of users (jim, harry). This is because we don't want to disclose the password of jim and harry.
I did defined the user_alias and runas alias.
%wms ALL = (USR) /usr/bin/su -, where wms... (7 Replies)
Discussion started by: ibmtech
7 Replies
9. UNIX for Beginners Questions & Answers
Hi
In live system core files are generating frequently. around 10 core files in 30 mins in root file system. which is eating my space very much
below is core file
core.56539
core.78886
core.12302
core.80554
core.20147
I am trying to write a script which should move... (7 Replies)
Discussion started by: scriptor
7 Replies
10. Solaris
Hi,
I always use "sudo -U user -l" as root and it gives me list of sudo access, that person have. But on one Solaris server, I can't run it. recently only I installed latest patchset on this server. Not sure, if that changed something on this. However, sudo package is showing old one.
# id -a... (1 Reply)
Discussion started by: ron323232
1 Replies
LEARN ABOUT OSX
crontab
CRONTAB(1) BSD General Commands Manual CRONTAB(1) NAME
crontab -- maintain crontab files for individual users (V3) SYNOPSIS
crontab [-u user] file crontab [-u user] { -l | -r | -e } DESCRIPTION
The crontab utility is the program used to install, deinstall or list the tables used to drive the cron(8) daemon in Vixie Cron. Each user can have their own crontab, and they are not intended to be edited directly. (Darwin note: Although cron(8) and crontab(5) are officially supported under Darwin, their functionality has been absorbed into launchd(8), which provides a more flexible way of automatically executing commands. See launchctl(1) for more information.) If the /usr/lib/cron/cron.allow file exists, then you must be listed therein in order to be allowed to use this command. If the /usr/lib/cron/cron.allow file does not exist but the /usr/lib/cron/cron.deny file does exist, then you must not be listed in the /usr/lib/cron/cron.deny file in order to use this command. If neither of these files exists, then depending on site-dependent configuration parameters, only the super user will be allowed to use this command, or all users will be able to use this command. The format of these files is one username per line, with no leading or trailing whitespace. Lines of other formats will be ignored, and so can be used for com- ments. The first form of this command is used to install a new crontab from some named file or standard input if the pseudo-filename '-' is given. The following options are available: -u Specify the name of the user whose crontab is to be tweaked. If this option is not given, crontab examines ``your'' crontab, i.e., the crontab of the person executing the command. Note that su(1) can confuse crontab and that if you are running inside of su(1) you should always use the -u option for safety's sake. -l Display the current crontab on standard output. -r Remove the current crontab. -e Edit the current crontab using the editor specified by the VISUAL or EDITOR environment variables. The specified editor must edit the file in place; any editor that unlinks the file and recreates it cannot be used. After you exit from the editor, the modified crontab will be installed automatically. FILES
/usr/lib/cron/cron.allow /usr/lib/cron/cron.deny DIAGNOSTICS
A fairly informative usage message appears if you run it with a bad command line. SEE ALSO
crontab(5), compat(5), cron(8), launchctl(1) STANDARDS
The crontab command conforms to IEEE Std 1003.2 (``POSIX.2''). The new command syntax differs from previous versions of Vixie Cron, as well as from the classic SVR3 syntax. AUTHORS
Paul Vixie <paul@vix.com> BSD
December 29, 1993 BSD