Shell commands and ps and server logs


 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Shell commands and ps and server logs
# 1  
Old 04-13-2018
Shell commands and ps and server logs

Good afternoon all!! I am writing a shell script that will generate a random phrase to be used as a password.

this is the line I use to generate the password
Code:
echo `head -n 10 /dev/urandom | tr -cd "[:alnum:]*+,-/:;<=>?_" | cut -c '1-'$3`

The third input in the command is the length of the password i want to use.

What I do next is login to a Oracle DB and change a user accounts password using what was generated. I would prefer that password nor its generation of it be discover via ps or anything like that. My question is what gets captured by the server in the /proc/PID/ folders or any server logs? Is there a way to work around any of that being captured? Thanks.


Moderator's Comments:
Mod Comment Please use CODE tags as required by forum rules!

Last edited by RudiC; 04-13-2018 at 06:05 PM.. Reason: Added CODE tags.
# 2  
Old 04-14-2018
I'm not sure I understand your request correctly, and even less I know about what Oracle permits and provides in terms of password input.
You might supply the generated password on stdin via a pipe, or using a temp file, or a FIFO. Unfortunately, I'm not able to test any of these proposals.
# 3  
Old 04-15-2018
How about this:

Code:
LEN=${3:-8}
NEW_PASS=$(/usr/bin/openssl rand -base64 $LEN)

# 4  
Old 04-23-2018
sorry for not making that clearer. What I am trying to achieve is a script that doesn't have the info it generates it either ps or in a server log file. Can that be achieved by a pipe or is there a better way?
# 5  
Old 04-23-2018
What shows in ps is commandline arguments.

What do you do right now?
# 6  
Old 04-23-2018
Who are you trying to hide the information from? If the user(s) has root access than there is very little that can be done.

If they don't have root access then the auditing logs shouldn't be readable, and unless they have the same userid that ran the password change script, they will not be able to look in the /proc/<pid> files either.

Is the oracle DB hosted on the same server? Are you using the ALTER USER command to change the password or something else? How are you getting this command to Oracle?
# 7  
Old 05-22-2018
The oracle DB is hosted on the same server and yes i am using alter user. What i am really trying to determine is if i create a password on the fly inside of a script and assign it to a variable and then sqlplus in via oracle wallet will they variable that holds the password be viewable by someone snooping on the server? I would assume if they were good enough and got ahold of either the oracle account or the root account on the server then yes they would. Would those be the only two?
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Open Source

Shell script file movement to a Mail Box server using ftp commands

Hi All, I have a current Process that runs "windows script " for the file movement that needs to changed to a "DataStage Process (Using shell script )" Source :Text file is getting generated as part of Datastage Jobs processes and resides in a shared drive (Unix server) Target :ftp... (2 Replies)
Discussion started by: developer.dwh9
2 Replies

2. UNIX for Dummies Questions & Answers

How to keep server out of logs?

Hi, there you may read some anonymous services like VPN service dont keep logs of their members activity. So i want to ask how i can make my personal linux servers be without any logs of accessing IPs, hostnames. I know there is "/var/log/lastlog", but are there any other files in default... (2 Replies)
Discussion started by: postcd
2 Replies

3. Red Hat

Comprehensive Disk & Server Logs.

Hello All, I'm using a RHEL6.4 on IBM X3850 X5 server. I want to get a comprehensive report containing disk-wise health status as well as overall server status. I see there's utility "ibm_utl_dsa_dsytd3h-9.51_portable_rhel6_x86-64.bin" which is also used to do diagnostics tasks. I'm not sure of... (1 Reply)
Discussion started by: vaibhavvsk
1 Replies

4. Shell Programming and Scripting

Shell Script for viewing multiple logs from multiple server

I am new to Shell scripting and below is my requirement. I need to search some specific word e.g. "exception" or "transaction" from log file. We have multiple env e.g. Level1 , Level2 etc and each env have Multiple boxes e.g. For Level 1 env we have "test11.test.com" , "test12.test.com". Each... (1 Reply)
Discussion started by: peeyush
1 Replies

5. UNIX for Dummies Questions & Answers

logs of commands performed by users

Hi, when 2 users are logged as root , how can i find witch one had perform witch command? Thanks, (1 Reply)
Discussion started by: prpkrk
1 Replies

6. Solaris

Login and logout logs in server

Hi, Can you please let me know how can and where we will find the logs. ie,which user is login and logout from server and by using which ip address they accessed server. please let me know the steps and folder, file names to trace the logs from server . we are using System = SunOS 5.10. Please... (10 Replies)
Discussion started by: kancherla.sree
10 Replies

7. Red Hat

Sending all apache logs to Syslog Server

Hi All, I need to send all apache logs to local syslog and then to syslog server (STRM – Security Threat response manager). I follow these steps:- vi /etc/httpd/conf/httpd.conf Added these lines :- ErrorLog syslog:local1 LogLevel notice Then in syslog.conf:- local1.crit... (3 Replies)
Discussion started by: sidhurana
3 Replies

8. UNIX for Dummies Questions & Answers

File Server Logs - Samba and Netatalk

I have installed a linux file server and it works great. At my location we have a mix of Mac & Windows systems. Netatalk and Samba are setup on the server. The problem is recently someone has deleted file or files haven't been put on the server properly. Two different departments are pointing... (1 Reply)
Discussion started by: odysseus1977
1 Replies

9. Shell Programming and Scripting

Can BASH execute commands on a remote server when the commands are embedded in shell

I want to log into a remote server transfer over a new config and then backup the existing config, replace with the new config. I am not sure if I can do this with BASH scripting. I have set up password less login by adding my public key to authorized_keys file, it works. I am a little... (1 Reply)
Discussion started by: bash_in_my_head
1 Replies

10. Shell Programming and Scripting

Shell script to view logs of a server

Please share a shell script to collect logs of a server (like cpu utilization, memory etc) for a perticular time interval by giving date, time and server name as input. (1 Reply)
Discussion started by: abhishek27
1 Replies
Login or Register to Ask a Question