hi..all..pls...help..!!..profile scripting..


 
# 1  
Old 09-22-2006
hi..

I want to customize a user in Unix that has only FTP access and NO TELNET ACCESS!
Being a newbie to Unix, my understanding is that the user's .profile has to be edited, but can someone explain how to edit it so that I can block telnet access for that user? Does /etc/profile have to be edited, or the local.profile in the user's home directory?

Please note I only want that user to be unable to telnet from his account, but he should be able to log in to his account.

Please, if somebody can help on this... Moreover, I have a telnet block script, which you can see below, but how do I implement it?

Here's the script portion in /etc/profile:

----------------------------------------
Code:
#
# Configure telnet access - root can always telnet to the server
#
if [ -f /etc/telnet.allow ] ; then
    user_id=${LOGNAME}
    telnetused=`/usr/bin/ps -f | grep "[t]elnetd" | grep -v "grep" | wc -l`
    if [ -s /etc/telnet.allow ] ; then
        userallowcount=`grep "^$user_id$" /etc/telnet.allow | wc -l`
    else
        userallowcount=0
    fi
    if [ $telnetused -gt 0 -a $userallowcount -eq 0 -a "Xroot" != "X${LOGNAME}" ] ; then
        DATEE=`/usr/bin/date +%Y%m%d`
        TIMEE=`/usr/bin/date +%H%M%S`
        NDNAME=`/usr/bin/uname -n`
        BASENM=`/usr/bin/basename $0`
        #if [ -f /etc/ALIASNAME ] ; then
        # ALIASNAME=`cat /etc/ALIASNAME`
        #fi

        echo "ERMS1311: Error - Telnet access is not allowed... Terminating"

        if [ -f /usr/bin/logger ] ; then
            /usr/bin/logger -t "login" "ERMS1311: Error - Telnet access for ${LOGNAME} is not allowed... Terminating..."
        fi
        echo "ERMS1001: Error - YOU DO NOT HAVE TELNET ACCESS TO THIS SERVER"
        echo "SESSION TERMINATING IN 10 SECONDS"
        echo "${DATEE} : ${TIMEE} : ${NDNAME} : ${user_id} : ERMS1311 Telnet access not allowed" >> /var/adm/log/security/telnet_deny.log
        sleep 10
        exit 99
    fi
fi

-----------------------------------

Failures are logged to a log file in addition to being logged to syslog.log via logger.

User is temporarily given an error message for ten seconds prior to exiting the current telnet session.

Last edited by blowtorch; 09-22-2006 at 05:28 AM.. Reason: add code tags
# 2  
Old 09-22-2006
The script looks ok, have you tried to telnet to the server with the script in place? Is it letting you through?
# 3  
Old 09-22-2006
Hi, yes, I tried putting this script in etc/profile but was not successful... I was still able to telnet through that user account, although the script seems fine. But I guess I'm not able to implement it correctly!
# 4  
Old 09-22-2006
Try running the script in debug mode. Put "set -x" in the /etc/profile so that you can see exactly what your script is doing. You'll probably find where and what the script is failing to check so that you can fix it.
# 5  
Old 09-22-2006
Hi... I tried debugging with set -x but I'm not able to understand what the script is trying to do. Here's a snapshot of the debugging (logging in with user: hero) when I telnet from user account hero:

+ [ -f /etc/telnet.allow ]
user_id=hero
+ /usr/bin/ps -f
+ grep [t]elnetd
+ grep -v grep
+ wc -l
telnetused= 0
+ [ -s /etc/telnet.allow ]
+ + grep ^hero$ /etc/telnet.allow
wc -l
userallowcount= 1
+ [ 0 -gt 0 -a 1 -eq 0 -a Xroot != Xhero ]
MAIL=/usr/mail/hero
# 6  
Old 09-22-2006
I think that the statement "grep [t]elnetd" is not working as you want it to. It should return 1 if a telnet session is running, but it isn't. Try removing the [] brackets.
Also, if your user's name is in the telnet.allow file, should the user get a session? If no, then you do not need to check for this.
You can just check:
Code:
if [ $(ps -ef | grep "telnetd" | grep -cv grep) -gt 0 -a "$LOGNAME" != "root" ]; then
    ### do your error stuff and exit
    exit 99
fi

If the user's name in the telnet.allow file allows the user to get a single telnet session, you can check this way:
Code:
if [ $(grep -c "$LOGNAME" /etc/telnet.allow) -eq 1 -a $(ps -ef | grep "telnetd" | grep "$LOGNAME" | grep -cv grep) -gt 1 -a "$LOGNAME" != "root" ]; then
    ### do your error stuff
    :   # no-op so the empty body parses
fi

** this is not tested
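
Added example, not code from the thread: rather than counting telnetd processes (a system-wide count is non-zero whenever anyone has a telnet session open, and the `ps -f` call in the trace above returned 0), this sketch walks the login shell's own parent chain and only treats the login as telnet when an ancestor is the telnet daemon. The function names, the process table and its PIDs are constructed for illustration, and the daemon is assumed to be named `telnetd` or `in.telnetd`.

```shell
#!/bin/sh
# Constructed sample of `ps -e -o pid= -o ppid= -o comm=` output (not from the thread).
SAMPLE_PS='    1     0 init
  412     1 inetd
 2201   412 in.telnetd
 2202  2201 login
 2203  2202 sh
 3100     1 sshd
 3150  3100 sshd
 3151  3150 sh'

# ancestor_is_telnetd PID [PS_TABLE]   (hypothetical helper)
# Walk parent links upward from PID; succeed if the process or any
# ancestor is a telnet daemon. PS_TABLE defaults to live ps output.
ancestor_is_telnetd() {
    pid=$1
    table=${2:-$(ps -e -o pid= -o ppid= -o comm=)}
    hops=0
    while [ -n "$pid" ] && [ "$pid" -gt 1 ] && [ "$hops" -lt 32 ]; do
        row=$(printf '%s\n' "$table" | awk -v p="$pid" '$1 == p { print $2, $3; exit }')
        [ -n "$row" ] || return 1          # PID not in the table
        comm=${row#* }
        case ${comm##*/} in                # strip any directory prefix
            telnetd|in.telnetd) return 0 ;;
        esac
        pid=${row%% *}                     # continue with the parent
        hops=$((hops + 1))
    done
    return 1
}

# telnet_denied USER PID ALLOW_FILE [PS_TABLE]   (hypothetical helper)
# Same policy as the script in post #1: root is exempt, a missing allow
# file switches the control off, otherwise a telnet login needs an
# exact line for the user in the allow file.
telnet_denied() {
    [ "$1" = root ] && return 1
    [ -f "$3" ] || return 1
    ancestor_is_telnetd "$2" "$4" || return 1
    grep -Fxq -- "$1" "$3" && return 1     # whole-line, fixed-string match
    return 0
}

# Demo on the constructed table
ancestor_is_telnetd 2203 "$SAMPLE_PS" && echo "pid 2203: telnet login"
ancestor_is_telnetd 3151 "$SAMPLE_PS" || echo "pid 3151: not a telnet login"
```

In /etc/profile the call would be `telnet_denied "$LOGNAME" "$$" /etc/telnet.allow`, followed on success by the logging and `exit 99` from the original script. A user listed in telnet.allow, as hero is in the trace, is still let through by design.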