How to enforce user to Enter text when login to a UNIX / Linux system?


 
# 1  
Old 08-11-2017

Hi.

I inject my tracklogin.sh script in the profile of each user.

Code:
$ more .profile
./tracklogin.sh
#       This is the default standard profile provided to a user.
MAIL=/usr/mail/${LOGNAME:?}


Code:
bash-3.2$ more tracklogin.sh
#!/bin/bash
tdate=$(date +"%d%m%y")
mkdir -p /tmp/root_log 2>/dev/null
chmod -R 775 /tmp/root_log
echo User `id` logged in at:`date`>>/tmp/root_log/logs_$tdate
 
read -p "Enter Reason for Login:" reason
while [[ $reason == '' ]] # Loop while the reason is empty
do
    echo "Enter a valid string" # Ask the user to enter a valid string
    read -p "Enter Reason for Login: " reason # Ask the user to enter a string
done
echo "Reason for Login:$reason">>/tmp/root_log/logs_$tdate

This script reads and enforces the user to enter the reason he/she is logging in to the system.

However, if the user issues "Ctrl+C" my tracklogin.sh script terminates and the user is able to log in to the system, which I don't want.

Can you tell me how I can enforce that the user is able to log in only after giving some justification?
# 2  
Old 08-11-2017
How about using a "restricted shell"? man bash:
Quote:
-r If the -r option is present, the shell becomes restricted (see RESTRICTED SHELL below).
Or, in your above "injection", did you consider trapping the relevant signals?
# 3  
Old 08-11-2017

Quote:
Originally Posted by RudiC
How about using a "restricted shell"? man bash:

Or, in your above "injection", did you consider trapping the relevant signals?
I'm unaware of these suggestions.

While I try to study them and how to use them... more insight on how they can help would be appreciated.
# 4  
Old 08-11-2017
You realize, of course, anyone can go and trash /tmp/root_log/logs_$tdate ?
# 5  
Old 08-11-2017

Quote:
Originally Posted by Corona688
You realize, of course, anyone can go and trash /tmp/root_log/logs_$tdate ?
Yes, I'm testing this out. Once good with the scripts I will change the log location.

Thank you for your attention though.

---------- Post updated at 02:45 PM ---------- Previous update was at 02:40 PM ----------

Quote:
Originally Posted by RudiC
How about using a "restricted shell"? man bash:

Or, in your above "injection", did you consider trapping the relevant signals?

Based on your suggestions, I tried the below in tracklogin.sh

Code:
trap "echo Bye Bye ...; exit; exit" 2

But when I log in I get the below error for tracklogin.sh

Code:
bash: ./tracklogin.sh: restricted: cannot specify `/' in command names

Can you tell me how I can overcome this error?

I then decided to run tracklogin.sh in debug mode and I see the below output:

Code:
bash -x tracklogin.sh
++ date +%d%m%y
+ tdate=110817
+ mkdir -p /tmp/root_log
+ chmod -R 777 /tmp/root_log
++ id
++ date
+ echo User 'uid=51371(user1)' 'gid=24(webuser)' logged in at:Fri Aug 11 14:36:28 CDT 2017
+ trap 'echo Bye Bye...; exit; exit' 2
+ read -p 'Enter Reason for Login:' reason
Enter Reason for Login:^C++ echo Bye Bye...
Bye Bye...
++ exit

It seems to catch the trap, but how do I force the user out of the system?
# 6  
Old 08-11-2017
Well, the exit should do exactly that.
# 7  
Old 08-11-2017

Quote:
Originally Posted by RudiC
Well, the exit should do exactly that.
No it does not. Please see the below observation.

I put this trap code in tracklogin.sh

Code:
trap "exit;" 2

and inject the tracklogin.sh in my .profile as shown in the OP.

When I login to the server it prompts me for Reason.

But when I press Ctrl+C it does not log me out.

Instead I can continue without being enforced or killed out of the server.

Please see the output below.

Code:
IF YOU DO NOT CONSENT, LOG OFF NOW.
 
##################################################################
# *** This Server is using Centrify                          *** #
# *** Remember to use your Active Directory account          *** #
# ***    password when logging in                            *** #
##################################################################
 
Using keyboard-interactive authentication.
(AD: corp.bank.int) Password:
Password will expire in 6 days
Last login: Fri Aug 11 15:54:29 2017 from uggs00811
Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
Enter Reason for Login:^C$ hostname
Mymac1
$ id
uid=51371(user1) gid=24(webuser)

Can you please suggest?

Last edited by mohtashims; 08-11-2017 at 06:08 PM..
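
Added example, not part of any post in this thread: `./tracklogin.sh` runs as a child process, so an `exit` in its trap ends only that child and `.profile` carries on to the prompt. The sketch below contrasts that pattern with a profile that ignores keyboard signals while the gate runs and ends the login shell itself when the gate fails. The file names `gate.sh`, `profile.weak` and `profile.hardened`, the log path and the sample input are constructed; POSIX `sh` and `mktemp` are assumed.

```shell
#!/bin/sh
# Added example (constructed names and paths), not code from the thread.

# Build a throwaway directory with a gate script and two profile variants.
setup_demo() {
    demo=$(mktemp -d) || return 1
    cat > "$demo/gate.sh" <<'EOF'
#!/bin/sh
# Exit 0 only after a non-empty reason was read; non-zero on Ctrl+C or EOF.
trap 'exit 130' INT
while :; do
    printf 'Enter Reason for Login: ' >&2
    IFS= read -r reason || exit 1   # EOF (Ctrl+D) is a refusal, not a retry
    [ -n "$reason" ] && break
done
printf 'user=%s reason=%s\n' "${LOGNAME:-unknown}" "$reason" >> "${GATE_LOG:?}"
EOF
    # Pattern from the thread: the child's exit status is never checked.
    cat > "$demo/profile.weak" <<'EOF'
sh "$DEMO/gate.sh"
EOF
    # Hardened: the login shell ignores keyboard signals while the gate runs
    # (the child inherits that), then ends the session itself on failure.
    cat > "$demo/profile.hardened" <<'EOF'
trap '' INT QUIT TSTP
sh "$DEMO/gate.sh" || exit 1
trap - INT QUIT TSTP
EOF
    echo "$demo"
}

# Simulate a login: source the profile, then report whether a prompt follows.
# $1 = demo dir, $2 = profile variant, $3 = what the user types (may be empty).
simulate_login() {
    printf '%s\n' "$3" | DEMO=$1 GATE_LOG=$1/reasons.log \
        sh -c '. "$DEMO/profile.$1"; echo SHELL_REACHED' sh "$2" 2>/dev/null
}

# Demo run: an empty answer still reaches the shell with the weak profile only.
d=$(setup_demo)
echo "weak:     $(simulate_login "$d" weak '')"
echo "hardened: $(simulate_login "$d" hardened '')"
rm -rf "$d"
```

A `.profile` in the user's home directory is writable by that user, so the gate and its log belong in files the user cannot modify.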