HPE Community
Operating System - HP-UX
1760556 Members
2611 Online
108894 Solutions
New Discussion юеВ

remsh and running certain commands .. PATH ??

 
SOLVED
Go to solution
someone_4
Honored Contributor

тАО11-17-2000 07:54 AM

тАО11-17-2000 07:54 AM

remsh and running certain commands .. PATH ??

Ok i am working on a script that will remsh into differnt boxes and collect certain information. I ran into problems when i was trying to run the "ioscan -krnC " command.
I would get ioscan not found. But when I went and added the "PATH=/usr/bin;/usr/sbin;ioscan
-kfnC " It works. My question is where in the remote box is it set what PATH you have when you log in though remote shell? The reson I think there is a setting is because doing a ping command : remsh boxname "ping 000.000.00.000" it works .. running the same command to a differnt box it does not work unless I add
remsh boxname2 "PATH=/usr/bin;/usr/sbin;ping 000.000.00.000" then it works. This leads me to think that there is something differnt between the 2 boxes. Anyone have any advice?
thanks
0 Kudos
Reply
7 REPLIES 7
Rainer_1
Honored Contributor

тАО11-17-2000 08:03 AM

тАО11-17-2000 08:03 AM

Solution

Re: remsh and running certain commands .. PATH ??

By default, remsh uses the following path when executing the specified command:

/usr/bin:/usr/ccs/bin:/usr/bin/X11:

the following command line sets up the environment for the remote command before
executing the remote command:

remsh otherhost . .profile 2>&- \; command

(extracted from man remsh)
Reply
Patrick Wallek
Honored Contributor

тАО11-17-2000 08:15 AM

тАО11-17-2000 08:15 AM

Re: remsh and running certain commands .. PATH ??

When writing scripts I find that it is generally easier to just go ahead and fully qualify all your commands in the script. That way if you do run into path problems, it shouldn't be a problem.

Just my 2 cents.
Reply
someone_4
Honored Contributor

тАО11-17-2000 08:52 AM

тАО11-17-2000 08:52 AM

Re: remsh and running certain commands .. PATH ??

whose profile is the .profile in your command talking about ?? what actully will adding that do?
0 Kudos
Reply
Kofi ARTHIABAH
Honored Contributor

тАО11-17-2000 09:39 AM

тАО11-17-2000 09:39 AM

Re: remsh and running certain commands .. PATH ??

Richard:

Part of unix security 101 is that you should always endeavor to execute a command with its full path ie. /usr/sbin/ioscan

the reason is that a malacious user could place a substitute ioscan command on the first directory of the path and get their version of ioscan to do some nasty stuff.

Bottom line, modify your scripts to specify the full path to the command. A shortcut is to define the variable

IOSCAN="/usr/sbin/ioscan"

and use:

$IOSCAN -fnC disk

etc.

My 2 cents.
nothing wrong with me that a few lines of code cannot fix!
Reply
Dan Hetzel
Honored Contributor

тАО11-19-2000 11:47 PM

тАО11-19-2000 11:47 PM

Re: remsh and running certain commands .. PATH ??

Hi Richard,

I totally agree with Kofi. You should, for security reasons, always use fully qualified program names when running remote commands.

if your remote program needs special environment variables (i.e. PATH) why don't you encapsulate it within a script. It would be easier as you won't have to bother with those variables anymore.

My 2 cents...

Dan
Everybody knows at least one thing worth sharing -- mailto:dan.hetzel@wildcroft.com
Reply
Rainer_1
Honored Contributor

тАО11-20-2000 01:16 AM

тАО11-20-2000 01:16 AM

Re: remsh and running certain commands .. PATH ??

the .profile is taken from user home directory.
you check that with remsh pwd
All settings from .profile will be executed by remsh before command is taken
Reply
Shannon Petry
Honored Contributor

тАО11-20-2000 07:13 AM

тАО11-20-2000 07:13 AM

Re: remsh and running certain commands .. PATH ??

Well, if you are running remsh to other hosts, you can pretty much remove security from the picture. :)
If you were security conciense, you would run the command on the local box, and mail the results to the admin box.

It is best still to do 1 of 2 things mentioned. 1 specify the path in your script.
PATH="/usr/sbin:/sbin:/sbin:/etc:/bin"
This would mean you are probably running what you want to run.
If you have doubts, set your commands to variables. I do this in mixed OS environments. and for portability of scripts.

case `uname` in
HP-UX)
XTERM='/usr/bin/X11/xterm'
PING='/etc/ping'
;;
SunOS )
XTERM='/usr/openwin/bin/xterm'
PING='/usr/bin/ping'
;;
esac
You get the Idea I think.

Hope it helps.
Shannon
Microsoft. When do you want a virus today?
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.