Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

.profile controls

Status
Not open for further replies.
RaulGB

RaulGB

MIS
Oct 29, 2002
10
BO
Hi,

We are currently working in AIX 4.3.3, and experiencing some problems that we need to find out the cause rather urgently.

The .profile file of each user allows them to get into the application that they are working on, right after finishing their work (i.e. exiting the application), the .profile issues an "exit" command in order to get them out of the server, but we are suspicious that some users might be finding a way to get out of the application and ending up at the prompt (skipping the "exit" command), this is what we are trying to prevent, is there a way you can suggest us that will allow us to do this?

Another thing that we would want to do is to enable some auditing software that will allow us to check exactly what commands are being issued by each user, right now, what we have is the ".sh_history" file that we can check for each user, but this file can be deleted so it would be untraceable to see what each user is doing.

Thanks in advance for your help.

Randal.
 
Sort by date Sort by votes
Randal

Can you show an example of a .profile that you are using? Also do you suspect malicious activity or simple bone-headedness. The former is a continuous strugle the later can be easier to manage?

JRjr[morning]
 
Upvote 0 Downvote
Randal:

You might consider changing the history file of the user when he logs in and save it when he logs out. Assuming you are runnning ksh, /etc/.kshrc executes when a new shell is spawned. Within this program, set the history file name:

readonly HISTFILE=/var/tmp/.sh_history.$histfile_filename

where $histfile_filename is something like:
histfile_filename=$(date +%y%m%d-%H%M%S`-$$.$LOGNAME)

declaring HISTFILE readonly prevents the user from changing it.

Also, in /etc/.kshrc, you can set:

trap "/etc/.logout" 0

which is the name of the script that executes when the user logs out. This would be a good place to do something with HISTFILE.

With a little thought you might be able to save off the history file each time the user logs in. Of course, if the user has the command line, he can modify the histfile, but even if they delete it, you can get an idea.

Regards,

Ed
 
Upvote 0 Downvote
The problem is that the users are halting processing of the .profile before reaching exit. You should launch the user application via "exec", this will terminate the session even if the user breaks out by sending an interrupt. ie. instead of ...

# user .profile file
:
run_user_app
exit

...use...

# user .profile file
:
exec run_user_app
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

manrique83
  • Locked
  • Question
Calling Function from Profile in Shell Script
Replies
5
Views
176
SamBones
SamBones
hok1man
  • Locked
  • Question
change bash profile
Replies
7
Views
84
Annihilannic
Annihilannic
telemorgan
  • Locked
  • Question
invoke oracle profile
Replies
3
Views
71
PHV
PHV
WiccaChic
  • Locked
  • Question
use .profile to determine IP address and kill session based on it
Replies
7
Views
91
chipperMDW
chipperMDW
linuxMaestro
  • Locked
  • Question
How do i edit my .profile to have a unix commad run automatically?
Replies
5
Views
68
chipperMDW
chipperMDW

Part and Inventory Search

Sponsor

Back
Top