General
cancel
Showing results for 
Search instead for 
Did you mean: 

Users at command prompt - argh !!

 
HP System Handle Owner
Occasional Advisor

Users at command prompt - argh !!

Hi all,

I've written a menu system that I want users of a group 'ops' to be presented with when they login. However, with the command below in /etc/profile, when they logout, it takes them out to a command prompt. How can I get it to automatically log them out when they decide to exit the opsmenu MAIN module.

Cheers

id | grep "gid=.*(ops)" 1>/dev/null 2>&1 && su - root -c "/usr/local/bin/ops/opsmenu MAIN "

Cheers again
Not another questionnaire !!
8 REPLIES 8
RAC_1
Honored Contributor

Re: Users at command prompt - argh !!

at the end of the script say
exit "some_code"

you can use some_code to some further testing if you want.
There is no substitute to HARDWORK
Pete Randall
Outstanding Contributor

Re: Users at command prompt - argh !!

You might also want to put this in the login shell field of their /etc/passwd file entry rather than using /etc/profile.


Pete

Pete
James R. Ferguson
Acclaimed Contributor

Re: Users at command prompt - argh !!

Hi:

If you are going to take this approach, at the very least, disable user terminal interrupts in your "opsmenu" script so that a user cannot easily become root.

trap '' 1 2 3 #...HUP, INT, QUIT

Be aware, if you are not, that including any command like 'more', or 'elm' that offers the ability to "shell-out" will enable a user to become root. Caveat emptor!

Regards!

...JRF...
Geoff Wild
Honored Contributor

Re: Users at command prompt - argh !!

add
exit 0

to bottom of the user's .profile

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
Bill Hassell
Honored Contributor

Re: Users at command prompt - argh !!

And an even better way is to replace the shell these limited users have with your menu script. Like all scripts should have, make sure the interpreter line is first:

#!/usr/bin/sh

Then you can either edit the passwd file and replace /usr/bin/sh with your script name (cumbersome and error-prone), or use the obscure command chsh as in:

chsh billh /usr/local/bin/ops/opsmenu

Since you can't put a parameter for a shell program in the passwd file, you'll need to wrapper the opsmenu with a specific option:

(a menu script called opsmenuMAIN)

#!/usr/bin/sh
set -u
PATH=/usr/bin
/usr/local/bin/ops/opsmenu MAIN
exit 0

I would not use su -c for the menu program at all. Instead, install sudo and then use it (only) in front of commands that require root privileges. sudo can limit the options allowed for a given command if needed. And sudo can log everything that the users type in.


Bill Hassell, sysadmin
Procnus
Frequent Advisor

Re: Users at command prompt - argh !!

We have a similar situation where I work. As well as a trap at the top of the .profile we also use a exec on the last line to run the command. The result being once the exec'd application exits there is no shell so the session shuts down.

Cheers
Steven
Mark Ellzey
Valued Contributor

Re: Users at command prompt - argh !!

Hi,

When you execute your menu script, just put an 'exec' in front of it, as in:

exec /usr/local/bin/ops/opsmenu

This will replace the current shell with a new one, and will log out on exit.

Regards,
Mark

P.S. Are you sure they need to su to root? Sounds kind of dangerous to me...

Just my 2cts.

Mark
Juan M Leon
Trusted Contributor

Re: Users at command prompt - argh !!

I tend to use Mark Ellzey is the best way to logout someone from a script.
exec /path/to/the/script.sh
When the script ends it will logout from the sh session.

good luck