Getting the underlying user

[lokachari]

Hi,

We have a group of users. These users after they login into the
unix system with their login id, they will then login to a common
account by doing $su - <commonAcct>.
After this they will run a shell script.
Is there any way that we can capture in this program who the underlying user invoked this program.

Example:
Say user ABC logged into the unix system. Now he will do su
$ su - <commonAcct>
password:
$ sh <executeProgram.sh>
This program <executeProgram.sh> should capture the user ABC.

We are using HPUX11.0

Please let me know how I can do this.

Thanks in Advance
Chari

 

[EBGreen]

Yeah, you don't create generic accounts that everyone uses. Otherwise, what is the point of having individual accounts and user groups?

[red]"... isn't sanity really just a one trick pony anyway?! I mean, all you get is one trick, rational thinking, but when you are good and crazy, oooh, oooh, oooh, the sky is the limit!" - The Tick[/red]

 

[funkyd]

Try using sudo. It can create a "sudolog" of who invoked sudo to run a command and when.

- Funky D

 

[nawlej]

Yeah, you don't create generic accounts that everyone uses. Otherwise, what is the point of having individual accounts and user groups?

Its probably not that simple. For instance, Oracle requires you to have an account specific to it, and some things wont work unless theyre run as the user defined to it. iIn /var/adm/sulog, it holds all attempts to run the su command. man sulog.

___________________________________
[morse]--... ...--[/morse], Eric.

 

[lokachari]

We create a generic account because the people keep changing for this particular access. So it is difficult to take out the access from that person when he is leaving and give access to new persons etc. Rather you can add and remove people from that common account.

Also having a common account is easy to control.

Thanks
Chari

 

[spamly]

Not sure about HPUX, but if you threw a "whoami" into the script, would this capture what you need?

 

[spamly]

Sorry, that should be "who am i".

 

[iribach]

have you s4r5 ptree ?

ptree pid-of-executeProgram.sh (this is $$)
gives you all father proc-id, now using
ps you sure are able to get the info.

 

[lokachari]

Seems like HPUX does not support ptree command. When I type man ptree... it says no entry.

 

[iribach]

google for it

 

[iribach]

or mk by hand
following the ppid of pid in ps output
and the pppid of ppid
...until you find the login shell of pid

 

[stefanwagner]

a common group isn't easy to control?

seeking a job as java-programmer in Berlin:

http://home.arcor.de/hirnstrom/bewerbung

 

[Ygor]

To get real user name try:[tt] id -urn[/tt]

 

[new2me]

have you take a look into /var/adm/sulog ?

 

[PHV]

And what about logname ?
You may also take a look here:

http://www.tek-tips.com/faqs.cfm?spid=80&sfid=4602

Hope This Helps, PH.
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884 or FAQ222-2244

 

[dsanchez2]

For instance, Oracle requires you to have an account specific to it, and some things wont work unless theyre run as the user defined to it.

This is incorrect.

The only thing that Oracle requires is that only users belonging to a given Unix group (by default "dba") can obtain "SYSDBA" privilage. And this is only a requirement if Operating System authentication is being used.