HPE Community
Operating System - HP-UX
1832977 Members
2593 Online
110048 Solutions
New Discussion

Re: Killing users

 
Vibert Hart
Occasional Advisor

‎07-05-2001 05:04 AM

‎07-05-2001 05:04 AM

Killing users

I have been allowing my Operators to kill users through restricted SAM for the past few months, but it now fail when they use their login. It seem to only work when I login as root and execute kill -9 or through sam. The permissions are OK on the kill script. What them?
Sys Admin
0 Kudos
Reply
15 REPLIES 15
vtpaulson
Frequent Advisor

‎07-05-2001 06:26 AM

‎07-05-2001 06:26 AM

Re: Killing users

Hi

Use scmd command instead....Its very simple to configure....

You can see the man page or docs.hp.com for more details...
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎07-05-2001 06:44 AM

‎07-05-2001 06:44 AM

Re: Killing users

Hi,

However you kill processes, you should only use
kill -9 as a weapon of absolute last resort. Kill -9 does not cleanup and leaves shared memory segments and other IPC structures hanging around among other bad things. Start with kill -15, then kill -1, then kill -2. If those fail do a kill -11. Kill -11 is almost as sure a kill as kill -9 but does cleanup.

Regards, Clay
If it ain't broke, I can fix that.
0 Kudos
Reply
Vibert Hart
Occasional Advisor

‎07-05-2001 07:01 AM

‎07-05-2001 07:01 AM

Re: Killing users

I am using HP-UX 10.20, I cannot find the command scmd, neither a man of it.
Sys Admin
0 Kudos
Reply
Vibert Hart
Occasional Advisor

‎07-05-2001 07:19 AM

‎07-05-2001 07:19 AM

Re: Killing users

I tried all the suggestions but none of the kill options worked, I am still getting "permission denied". Some how I feel it's some file that is to written to does not have the right permissions.

Need futher help?

Thanks
Vibert
Sys Admin
0 Kudos
Reply
Jared Westgate_1
Valued Contributor

‎07-05-2001 10:47 AM

‎07-05-2001 10:47 AM

Re: Killing users

Hello Vibert,

Has this ever worked? Just to confirm what you're doing:

1. a non-root user is logging in
2. they try to kill a session they don't own
3. an "permission denied" error is returned.

If I understand correctly, unless you are root, you can only kill processes that you own.

Is the error you are receiving like this?
kill: : Permission denied.

If it is, then it is the kill command that saying you don't have permission to kill someone else's process.

Hope this helps,

Jared
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎07-05-2001 10:53 AM

‎07-05-2001 10:53 AM

Re: Killing users

Hi:

You can use sudo to allow a process (including kill) to run as root.
Use this link: http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/sudo-1.6.2b1/

Normally, it is a very bad thing to allow non-root users to kill another user's process. The bad news, it that they could kill init, cron,
inetd, and other vital processes.

Clay
If it ain't broke, I can fix that.
0 Kudos
Reply
Vibert Hart
Occasional Advisor

‎07-05-2001 11:36 AM

‎07-05-2001 11:36 AM

Re: Killing users

Jared:
The thing is that it was working before and is working on another of my servers. Besides the Operators are doing this through restricted SAM.

Clay:

I really don't want to use a third party tool for this

Thanks
Vibert
Sys Admin
0 Kudos
Reply
Mark Vollmers
Esteemed Contributor

‎07-05-2001 11:45 AM

‎07-05-2001 11:45 AM

Re: Killing users

If it was working before, and works on other servers, you might want to consider the very real possibility that one of the operators actually did take out some important file that is now affecting SAM or the kill command. If your servers are all the same, maybe you could compare them to see if there are any missing files. Just a thought.

Mark
"We apologize for the inconvience" -God's last message to all creation, from Douglas Adams "So Long and Thanks for all the Fish"
0 Kudos
Reply
Mark Vollmers
Esteemed Contributor

‎07-05-2001 12:20 PM

‎07-05-2001 12:20 PM

Re: Killing users

Also, have you rebooted since it stopped working? If a needed process was killed, rebooting will get it back up and running.

Mark
"We apologize for the inconvience" -God's last message to all creation, from Douglas Adams "So Long and Thanks for all the Fish"
0 Kudos
Reply
Vibert Hart
Occasional Advisor

‎07-05-2001 01:30 PM

‎07-05-2001 01:30 PM

Re: Killing users

Tried all of the above, none worked.
Sys Admin
0 Kudos
Reply
Paula J Frazer-Campbell
Honored Contributor

‎07-05-2001 11:30 PM

‎07-05-2001 11:30 PM

Re: Killing users

Hi
If it worked before and does not now then changes have been made.

As said before have your operators deleted/changed SAM files?

Has the passwd file been changed?
Do a diff against your backup passwd -
You do have one I hope.

Do a full backup and then go to a last known good ignite backup and recover to that, does it now work? If so what has changed.


HTH

Paula

If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
Vincent Stedema
Esteemed Contributor

‎07-05-2001 11:54 PM

‎07-05-2001 11:54 PM

Re: Killing users

Hi,

Can you please post the output of

samlog_viewer -u -l V -n

Regards,

Vincent
0 Kudos
Reply
Alexander M. Ermes
Honored Contributor

‎07-06-2001 12:20 AM

‎07-06-2001 12:20 AM

Re: Killing users

Hi there.
Perhaps this script can help :

----------------------------------------------
script accessible by users
( /usr/local/bin/kill_em.sh ) :

#!/bin/sh
# this should kill off those goners who shut of their PC's
# in an not-so-ok fashion......
#
# rm /usr/tmp/kill_em
tput clear
echo "Please enter User-Id ! "
read userid
export userid
echo "exec >> /var/tmp/kill_proc.log 2>&1" >> /var/tmp/kill_em1.sh
ps -ef | grep ${userid} | grep -v daemon | grep -v root

--------------------------------------------
and add this line to the crontab of root

00,5,10,15,20,25,30,35,40,45,50,55 * * * * /usr/local/bin/kill_proc1.sh

---------------------------------------------
this is the script started by crontab of root
( /usr/local/bin/kill_proc1.sh )
#!/bin/sh
# this should kill off those goners who shut of their PC's
# in an not-so-ok fashion......
#
touch /var/tmp/kill_em1.sh
chmod 777 /var/tmp/kill_em1.sh
/var/tmp/kill_em1.sh
rm /var/tmp/kill_em1.sh

------------------------------------------

Rgds
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"
0 Kudos
Reply
Alexander M. Ermes
Honored Contributor

‎07-06-2001 12:38 AM

‎07-06-2001 12:38 AM

Re: Killing users

Hi there.
Sorry, first script is not complete and wrong name
should be
--------------------------------------------
/usr/local/bin/kill_proc.sh

#!/bin/sh
# this should kill off those goners who shut of their PC's
# in an not-so-ok fashion......
#
# rm /usr/tmp/kill_em
tput clear
echo "Please enter User-Id ! "
read userid
export userid
echo "exec >> /var/tmp/kill_proc.log 2>&1" >> /var/tmp/kill_em1.sh
ps -ef | grep ${userid} | grep -v daemon | grep -v root |
sort| awk '{print "kill -9 " $2}' >> /var/tmp/kill_em1.sh
chmod 777 /var/tmp/kill_em1.sh
---------------------------------------------
Rgds
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"
0 Kudos
Reply
John Waller
Esteemed Contributor

‎07-06-2001 04:09 AM

‎07-06-2001 04:09 AM

Re: Killing users

Did the permission of your kill script have a sticky bit on the user bit e.g -rwsr-xr-x. Also another possible answer, have you installed any patches which may have tightend a security loop hole. Some commands could be run by writting a script then have the SETUID set , but the commands they ran changed to look at the real and not effective User ID , e.g.the mount command was one which has effected me in the past.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.