Operating System - HP-UX
1748086 Members
4888 Online
108758 Solutions
New Discussion юеВ

Re: how to implement script command in a .cshrc ( csh)

 
sstan
Frequent Advisor

Re: how to implement script command in a .cshrc ( csh)

HI Dennis,

i try the method put the "exec $fscript " at last line in .login, the .cshrc environment variable is source,
But i want to change the file ownership created by the script to root user so the user would not able to edit the file, but i insert the line :
/usr/bin/chown root:sys $fscript, and after i check the files ownership is not modified to be owned by root users, mayb once it something to do with "exec " behaviour ? anyway to overcome this, if i put the chown line before the script it will complain the file not found cause files haven;t created. Right.

source /sgx/login/super1/.cshrc
setenv tstamp `date +%d%m%Y-%H%M%S`
setenv fscript /sgx/core/tslog/log-$tstamp
exec script $fscript
/usr/bin/chown root:sys $fscript
Dennis Handly
Acclaimed Contributor

Re: how to implement script command in a .cshrc ( csh)

>But i want to change the file ownership created by the script to root user so the user would not able to edit the file

I assume this means everything else works? If so great!

>but i insert the line:
/usr/bin/chown root:sys $fscript, and after i check the files ownership is not modified to be owned by root users, maybe once it something to do with "exec" behaviour?

Where did you insert that line? (Ah after)

>if i put the chown line before the script it will complain the file not found cause files haven't created.
source /sgx/login/super1/.cshrc
setenv tstamp `date +%d%m%Y-%H%M%S`
setenv fscript /sgx/core/tslog/log-$tstamp
exec script $fscript
/usr/bin/chown root:sys $fscript

Hopefully another "simple solution". :-)
You can't have that line after exec since it does NOT return.

You can put it before:
touch $fscript
/usr/bin/chown root:sys $fscript
exec script $fscript

I assume you have changed or have the permissions so this user can write to it?

This is contradictory with your request:
>But i want to change the file ownership created by the script to root user so the user would not able to edit the file,

So the only way to do that is to redirect stdin to a file. And when you invoke script you need to redirect stdin to /dev/tty.

Forget that. Remove the eval and just do:
script $fscript
/usr/bin/chown root:sys $fscript
exit

I think script will read from stdin until "exit".
Then it will come back to the chown and exit.

Control C seems to be handled by script and won't be broken out of your jail. The only problem is the user can write junk to $fscript.

The only solution is to make $fscript a named pipe. At least he can't overwrite the beginning.
The pipe would have to have a root logger to continuously read from it.
sstan
Frequent Advisor

Re: how to implement script command in a .cshrc ( csh)

HI Dennis,
you are right .
If the user smart enough, before the file ownership change to root owner, they will modified the script file within the session before typing exit command, cause the chown only executed at the end of the " script " command exit.
Tor-Arne Nostdal
Trusted Contributor

Re: how to implement script command in a .cshrc ( csh)

Hi Avalanche.
This topic (using script command during login) have been discussed several times before...

See f.ex.
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1163248

It ain't a good idea, and you might create some workarounds.

Perhaps you could rather limit what the user is allowed to do (like with sudo)?

/2r
I'm trying to become President of the state I'm in...
sstan
Frequent Advisor

Re: how to implement script command in a .cshrc ( csh)

thanks all.