Unix/Linux Go Back    


Shell Programming and Scripting BSD, Linux, and UNIX shell scripting — Post awk, bash, csh, ksh, perl, php, python, sed, sh, shell scripts, and other shell scripting languages questions here.

Shell commands and ps and server logs

Shell Programming and Scripting


Reply    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 04-13-2018   -   Original Discussion by cptkirkh
cptkirkh's Unix or Linux Image
cptkirkh cptkirkh is offline
Registered User
 
Join Date: Aug 2016
Last Activity: 22 May 2018, 1:06 PM EDT
Posts: 7
Thanks: 1
Thanked 0 Times in 0 Posts
Shell commands and ps and server logs

Good afternoon all!! I am writing a shell script that will generate a random phrase to be used as a password.

this is the line I use to generate the password


Code:
echo `head -n 10 /dev/urandom | tr -cd "[:alnum:]*+,-/:;<=>?_" | cut -c '1-'$3`

The third input in the command is the length of the password i want to use.

What I do next is login to a Oracle DB and change a user accounts password using what was generated. I would prefer that password nor its generation of it be discover via ps or anything like that. My question is what gets captured by the server in the /proc/PID/ folders or any server logs? Is there a way to work around any of that being captured? Thanks.


Moderator's Comments:
Shell commands and ps and server logs Please use CODE tags as required by forum rules!

Last edited by RudiC; 04-13-2018 at 05:05 PM.. Reason: Added CODE tags.
Sponsored Links
    #2  
Old Unix and Linux 04-14-2018   -   Original Discussion by cptkirkh
RudiC's Unix or Linux Image
RudiC RudiC is offline Forum Staff  
Moderator
 
Join Date: Jul 2012
Last Activity: 26 May 2018, 11:07 AM EDT
Location: Aachen, Germany
Posts: 12,755
Thanks: 416
Thanked 3,922 Times in 3,606 Posts
I'm not sure I understand your request correctly, and even less I know about what Oracle permits and provides in terms of password input.
You might supply the generated password on stdin via a pipe, or using a temp file, or a FIFO. Unfortunately, I'm not able to test any of these proposals.
Sponsored Links
    #3  
Old Unix and Linux 04-15-2018   -   Original Discussion by cptkirkh
Chubler_XL's Unix or Linux Image
Chubler_XL Chubler_XL is offline Forum Staff  
Moderator
 
Join Date: Oct 2010
Last Activity: 24 May 2018, 10:39 PM EDT
Posts: 3,529
Thanks: 154
Thanked 1,259 Times in 1,153 Posts
How about this:



Code:
LEN=${3:-8}
NEW_PASS=$(/usr/bin/openssl rand -base64 $LEN)

    #4  
Old Unix and Linux 4 Weeks Ago   -   Original Discussion by cptkirkh
cptkirkh's Unix or Linux Image
cptkirkh cptkirkh is offline
Registered User
 
Join Date: Aug 2016
Last Activity: 22 May 2018, 1:06 PM EDT
Posts: 7
Thanks: 1
Thanked 0 Times in 0 Posts
sorry for not making that clearer. What I am trying to achieve is a script that doesn't have the info it generates it either ps or in a server log file. Can that be achieved by a pipe or is there a better way?
Sponsored Links
    #5  
Old Unix and Linux 4 Weeks Ago   -   Original Discussion by cptkirkh
Corona688's Unix or Linux Image
Corona688 Corona688 is offline Forum Staff  
Mead Rotor
 
Join Date: Aug 2005
Last Activity: 25 May 2018, 3:04 PM EDT
Location: Saskatchewan
Posts: 22,680
Thanks: 1,179
Thanked 4,324 Times in 3,987 Posts
What shows in ps is commandline arguments.

What do you do right now?
Sponsored Links
    #6  
Old Unix and Linux 4 Weeks Ago   -   Original Discussion by cptkirkh
Chubler_XL's Unix or Linux Image
Chubler_XL Chubler_XL is offline Forum Staff  
Moderator
 
Join Date: Oct 2010
Last Activity: 24 May 2018, 10:39 PM EDT
Posts: 3,529
Thanks: 154
Thanked 1,259 Times in 1,153 Posts
Who are you trying to hide the information from? If the user(s) has root access than there is very little that can be done.

If they don't have root access then the auditing logs shouldn't be readable, and unless they have the same userid that ran the password change script, they will not be able to look in the /proc/<pid> files either.

Is the oracle DB hosted on the same server? Are you using the ALTER USER command to change the password or something else? How are you getting this command to Oracle?
Sponsored Links
    #7  
Old Unix and Linux 3 Days Ago   -   Original Discussion by cptkirkh
cptkirkh's Unix or Linux Image
cptkirkh cptkirkh is offline
Registered User
 
Join Date: Aug 2016
Last Activity: 22 May 2018, 1:06 PM EDT
Posts: 7
Thanks: 1
Thanked 0 Times in 0 Posts
The oracle DB is hosted on the same server and yes i am using alter user. What i am really trying to determine is if i create a password on the fly inside of a script and assign it to a variable and then sqlplus in via oracle wallet will they variable that holds the password be viewable by someone snooping on the server? I would assume if they were good enough and got ahold of either the oracle account or the root account on the server then yes they would. Would those be the only two?
Sponsored Links
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Shell script file movement to a Mail Box server using ftp commands developer.dwh9 Open Source 2 03-05-2015 09:24 AM
Shell Script for viewing multiple logs from multiple server peeyush Shell Programming and Scripting 1 10-23-2013 05:05 PM
logs of commands performed by users prpkrk UNIX for Dummies Questions & Answers 1 10-14-2011 06:31 AM
Can BASH execute commands on a remote server when the commands are embedded in shell bash_in_my_head Shell Programming and Scripting 1 12-04-2008 12:51 AM
Shell script to view logs of a server abhishek27 Shell Programming and Scripting 1 06-24-2008 06:06 AM



All times are GMT -4. The time now is 11:50 AM.