FreeBSD new user login script


 
# 1  
Old 11-03-2011
FreeBSD new user login script

I am a beginner programmer and would like to know where to start to modify the login process so that a user can log in as username new, password new, and have it prompt the user for a username and password and nothing else, and then create said user account on the system so they can ssh back in and log in with the newly created account. A friend had accomplished this in Perl, but that was many moons and several versions of Perl ago. Security is at the front of this project idea, as this will be part of a free shell project aimed towards hackers.

Any shoves in the right direction would be welcomed.
# 2  
Old 11-03-2011
This might be a good start, but you probably want to research what login does (e.g. running /etc/profile and the like).

Code:
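#!/bin/bash
# Exit cleanly on HUP/INT/QUIT/TERM while waiting at the prompt.
trap 'exit 0' 1 2 3 15
printf "Username: "
read -r touser
# Restore default signal handling before handing over to su.
trap - 1 2 3 15
if [ "$touser" = "new" ]
then
    echo "Create a new user account here"
else
    # Quoted so the input is passed to su as a single argument.
    exec su - "$touser"
fi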

The user account creation stuff is usually pretty system-specific, but you should aim at using system tools (e.g. adduser).

It doesn't seem like security is a major concern here, but you should test well to ensure the user can't break out into a root shell from the createuser part of the script (for example using CTRL-C at a prompt).
This User Gave Thanks to Chubler_XL For This Post:
# 3  
Old 11-03-2011
I'm hoping you mean 'hacker' in the good sense. I know, I know -- corruption of a perfectly good term, but that's something beyond our control.

If you don't have sudo installed, install it, you'll need it.

What shells do you have available?

The process I'd envision is:
1) User logs into the 'new' account. Instead of running a shell, their account is configured (via usermod) to run a shell script as its login shell, like this:

Code:
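#!/bin/sh
# Login shell for the restricted 'new' account: ask until a valid, unused
# username is entered, then hand off to the root helper through sudo.

# Start empty so a NEWUSER inherited from the environment cannot skip the checks.
NEWUSER=""
while [ -z "$NEWUSER" ]
do
        printf "New username: " >&2
        read -r NEWUSER || exit 1
        # Must start with a-z or _, followed only by a-z, 0-9, _ or -
        if ! printf '%s\n' "$NEWUSER" | grep '^[a-z_][a-z0-9_-]*$' > /dev/null
        then
                echo "Usernames must be a-z_-" >&2
                NEWUSER=""
                continue
        fi

        # Refuse names that already have an entry in /etc/passwd
        if grep "^${NEWUSER}:" /etc/passwd > /dev/null
        then
                echo "${NEWUSER} already exists" >&2
                NEWUSER=""
                continue
        fi
done

exec sudo /usr/local/sbin/newuser.sh "$NEWUSER"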

And the contents of /usr/local/sbin/newuser.sh:

Code:
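#!/bin/sh
# Runs as root via sudo; $1 is the requested username.

# Stop if the account cannot be created (e.g. it already exists), so that
# passwd below is never run against an existing account.
useradd "$1" || exit 1

# Set the password; remove the new account again if that fails.
passwd "$1" || userdel "$1"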

and you'd need this line in sudoers:

Code:
new ALL=NOPASSWD:  /usr/local/sbin/newuser.sh

which should permit the new user to run /usr/local/sbin/newuser.sh as root but nothing else.

This code may not be perfect or complete.

Last edited by Corona688; 11-03-2011 at 07:29 PM..
This User Gave Thanks to Corona688 For This Post:
# 4  
Old 11-03-2011
thanks

Thanks for the quick replies, and to clear it up, I mean the good sense of the word hacker, not crackers who break system security. This project is for those that want to fine-tune their Unix skills.
# 5  
Old 11-03-2011
Sounds like a good project to me. I've considered such a thing but I'm having a hard time striking a balance between giving people sufficient access and preventing them from setting up botnets etc in it. All someone needs to do that is bash, cat, and chmod...
This User Gave Thanks to Corona688 For This Post:
# 6  
Old 11-04-2011
In the past we ran this project for several years during BSD 4.x days, and we blocked a lot of processes from being executed, such as IRC clients and bots and eggdrops. We had to go as far as to make the logon banner display an IRC warning in Romanian because of the high amount of traffic from that country. I am hoping this project will take off again in the first few months of inception before we had about 2400 users. We do a form of hardware logging with an old dot matrix line feed printer, and that is the only logging we really do to cover our asses in case we do get a rogue hacker that decides to abuse privileges.

---------- Post updated at 11:43 PM ---------- Previous update was at 05:44 PM ----------

I was trying the method you posted, but I'm using FreeBSD 8.2 and there is no useradd or usermod to monkey with, so I am at a slight brick wall of how to proceed with this method. I initially tried switching it out with adduser, which ends up prompting a new user with far too many options. hehe. I also have many shells available, such as bash and sh.

Last edited by deshi; 11-04-2011 at 06:45 AM..
# 7  
Old 11-04-2011
Are you sure there's no useradd? Not having that is very weird.

[edit] ah, you're right, it doesn't. But 1.25 seconds of googling "freebsd useradd" found the equivalent in the very first hit.

Code:
...Then I "man pw", and found the usage of (pw) user add is a little different from the standard ones: 
pw [-V etcdir] useradd [name|uid] [-C config] [-q] [-n name] [-u uid]
   [-c comment] [-d dir] [-e date] [-p date] [-g group] [-G grouplist]
   [-m] [-k dir] [-w method] [-s shell] [-o] [-L class] [-h fd | -H fd]
   [-N] [-P] [-Y]

In FreeBSD, it should be "pw useradd username -g groupname", and not "pw useradd -g groupname username".
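
The root-side helper from post #3, adapted to the `pw useradd` syntax quoted in post #7, as an added example that is not code from any poster in this thread: it re-checks the username inside the privileged script instead of trusting whatever the caller passes through sudo. The function names, the 16-character limit and the `/bin/sh` login shell are assumptions.

```sh
#!/bin/sh
# Added example: root-side account creation for FreeBSD, run via sudo by the
# restricted "new" login. Function names, MAX_LEN and the login shell are
# assumptions, not values from the thread.

# Fixed PATH and locale so tool lookup and a-z ranges do not depend on the caller.
PATH=/sbin:/bin:/usr/sbin:/usr/bin; export PATH
LC_ALL=C; export LC_ALL

MAX_LEN=16   # assumed site policy for username length

# Return 0 only for names matching ^[a-z_][a-z0-9_-]*$ up to MAX_LEN characters.
# case matches the whole string, so an embedded newline is rejected; a
# line-based grep would accept "x<newline>root" because one line matches.
valid_username() {
    case "$1" in
        ''|*[!a-z0-9_-]*) return 1 ;;   # empty, or a character outside the set
        [a-z_]*) ;;                     # first character is a letter or underscore
        *) return 1 ;;                  # starts with a digit or "-"
    esac
    [ "${#1}" -le "$MAX_LEN" ]
}

create_account() {
    user=$1
    valid_username "$user" || { echo "invalid username" >&2; return 1; }

    # Never continue to passwd for an account that already exists.
    if id -u "$user" >/dev/null 2>&1; then
        echo "$user already exists" >&2
        return 1
    fi

    # -m creates the home directory, -s sets the login shell.
    pw useradd "$user" -m -s /bin/sh || return 1

    # Roll back if no password was set, so a half-created account is not left behind.
    passwd "$user" || { pw userdel "$user" -r; return 1; }
}

# Run only when a username argument is supplied (sudo newuser.sh NAME).
if [ "$#" -gt 0 ]; then
    create_account "$1"
fi
```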
