HPE Community
Operating System - HP-UX
1825721 Members
3129 Online
109687 Solutions
New Discussion

Re: script help

 
SOLVED
Go to solution
Nick D'Angelo
Super Advisor

‎09-25-2003 07:11 AM

‎09-25-2003 07:11 AM

script help

Hello scriptors or is that scriptors?

I have two scripts currently that I use to try and tell me who has been idle for greater than 1 hour > which writes the users out to a file.txt.
Then the second script looks at this file.txt and does a grep to see if it is still connected to a db, Progress (_prog). If they are, then write out to a newfile.txt.

My questions are this: Can I combine the two, hopefully, so that the system can generate and send the user an email asking them to logoff when idle.
Secondly, my second script appears to be catching users that do NOT meet the grep syntax.

Suggestion/help appreciated.

script one to check for idle users > 1 hour

#!/usr/bin/ksh
HOST=$(hostname)
EVERY=1

MESSAGE="please consider logging out"
#SUBJECT="You are IDLE on $HOST"
rm /home1/nickd/scripts/idleusers.txt
get_user()
{
USER=$(echo $LINE|awk '{print $1}')
IDLE=$(echo $LINE|awk '{print $6}')
if [ "$IDLE" = "old" ]
then
echo $MESSAGE |mailx -s $SUBJECT $USER
#write $USER > /home1/nickd/scripts/idleusers.txt
else
IDLE_HOURS=$(echo $IDLE|awk '{FS=":";print $1}')
if [ "$IDLE_HOURS" -ge 1 ]
then
echo $USER >> /home1/nickd/scripts/idleusers.txt
#echo $MESSAGE |mailx -s $SUBJECT $USER
fi
fi
}
who -u|while read LINE
do
get_user $LINE
done

Script 2 to see if they are still connected to db:
!/bin/sh
rm /home1/nickd/scripts/testuser.txt
for i in $(cat /home1/nickd/scripts/idleusers.txt)
do
#cat /home1/nickd/scripts/idleusers.txt |grep _pro |tee -a foundPatterns.txt
#ps -ef | grep $i | grep _prog | grep notrim > /home1/nickd/scripts/dbidle.txt
ps -ef | grep $i | grep notrim > /home1/nickd/scripts/dbidle.txt
print $i >> /home1/nickd/scripts/testuser.txt
done


Always learning
0 Kudos
Reply
15 REPLIES 15
Kent Ostby
Honored Contributor

‎09-25-2003 07:24 AM

‎09-25-2003 07:24 AM

Re: script help

I think the trouble is that in #1, you identify users who have been on too long, BUT the same user may have a newer session that has been logged in an acceptable amount of time (i.e. multiple logins for the same user).

In your second script, you make no differentiation between the two.

I think in script 1 that you need to copy the tty/pty combo into the idle users file and check those in the grep of the ps -ef instead of the user name.

Best regards,

Kent M. Ostby
"Well, actually, she is a rocket scientist" -- Steve Martin in "Roxanne"
0 Kudos
Reply
David Child_1
Honored Contributor

‎09-25-2003 07:26 AM

‎09-25-2003 07:26 AM

Re: script help

Nick,

Not exactly the answer to your question, but you can add a line like:

TMOUT=600

to the users .profile (or /etc/profile for all users).

THis will log users out after 10 minutes of idle time.

Of course they can always change their .profile and remove it.

David
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎09-25-2003 07:26 AM

‎09-25-2003 07:26 AM

Re: script help

sometimes when you run grep it greps itself.

I don't know why.

Here is how to fix it.

Change grep to:

... | grep -i stuff

... | grep -i stuff | grep -v grep

This sometimes helps clean up the output.

I'm attaching a script purely because it contains expamples. It will not help with your script except as a reference.

SEP



Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Nick D'Angelo
Super Advisor

‎09-25-2003 07:27 AM

‎09-25-2003 07:27 AM

Re: script help

Good point, however, we limit the number of logins to 1 for most users.

Also another problem, is the printing out to the testuser.txt file only writes out one user instead of the 3 or 4 that are in violation of this one hour rule.

Thanks,
Always learning
0 Kudos
Reply
Nick D'Angelo
Super Advisor

‎09-25-2003 07:32 AM

‎09-25-2003 07:32 AM

Re: script help

Steven, your script is and it can not be opened at my end, for whatever reason. Can you post your script to the webpage so I can see what you mean, with the double grep.


David, A timeout setting at the OS before the connection is closed on the DB side, can be dangerous for data corruption.

Thanks.
Always learning
0 Kudos
Reply
Kent Ostby
Honored Contributor

‎09-25-2003 07:40 AM

‎09-25-2003 07:40 AM

Re: script help

Nick .. could you post us from your system the following.

- Raw "who -u" output
- Copy of the idleusers.txt output file from the script run immeadiately after the who -u

- Copy of the testuser.txt file immeadiatetly after 2nd script was run.

My brain works better when I can analyze the data right in front of me.

Best regards,

Kent M. Ostby


"Well, actually, she is a rocket scientist" -- Steve Martin in "Roxanne"
0 Kudos
Reply
Kent Ostby
Honored Contributor

‎09-25-2003 07:44 AM

‎09-25-2003 07:44 AM

Re: script help

And also, raw "ps -ef " output

"Well, actually, she is a rocket scientist" -- Steve Martin in "Roxanne"
0 Kudos
Reply
Sergey_27
Occasional Advisor

‎09-25-2003 08:07 AM

‎09-25-2003 08:07 AM

Re: script help

Just add
export TMOUT=1800
to /etc/profile
and this will give a user short notification
and log him out after 30 mins of idling.

It will not to try log off user if user have running editor (vi) or another interactive utility (sqlplus).
0 Kudos
Reply
Kent Ostby
Honored Contributor

‎09-25-2003 08:15 AM

‎09-25-2003 08:15 AM

Re: script help

Okay .. I think I have something working.

You will need to modify the path names to match what you want, but this should work.

First create a file called "useme.awk" which should contain:

{index1=index($2,"tty");
if (index1==0)
use2=$2
else
use2=substr($2,index1);
print "ps -ef| grep _prog | grep " use2 "| grep -v grep" ;}

NOTE: That print statement should be all one line.

Then create a script file:

#!/usr/bin/ksh
touch useme1 useme2 useme3
rm useme1 useme2 useme3
who -u | grep old | cut -c1-24 > useme1
awk -f useme.awk < useme1 > useme2
chmod +x useme2
./useme2 > useme3
cat useme3 | while read LINE
do
USER=$(echo $LINE|awk '{print $1}')
mailx -s "You have been logged in too long" $USER < messagefile
done

Also note, the script uses three temporary files useme1, useme2, and useme3.

And the script will mail a message called "messagefile" to the user.

The logic is to find old logins with
who -u | grep old

Then match the tty or pty to the ps output.

Then email those users who matched.

Hope that helps.

Best regards,

Kent M. Ostby


Once you've got a match
"Well, actually, she is a rocket scientist" -- Steve Martin in "Roxanne"
0 Kudos
Reply
Kent Ostby
Honored Contributor

‎09-25-2003 08:17 AM

‎09-25-2003 08:17 AM

Re: script help 


[RE-POST in what is hopefully a more readable format ]

Okay .. I think I have something working.

You will need to modify the path names to match what you want, but this should work.

First create a file called "useme.awk" which should contain:

{index1=index($2,"tty");
if (index1==0)
use2=$2
else
use2=substr($2,index1);

print "ps -ef| grep _prog | grep " use2 "| grep -v grep" ;}

NOTE: That print statement should be all one line.

Then create a script file:

#!/usr/bin/ksh
touch useme1 useme2 useme3
rm useme1 useme2 useme3
who -u | grep old | cut -c1-24 > useme1
awk -f useme.awk < useme1 > useme2
chmod +x useme2
./useme2 > useme3
cat useme3 | while read LINE
do
USER=$(echo $LINE|awk '{print $1}')
mailx -s "You have been logged in too long" $USER < messagefile
done

Also note, the script uses three temporary files useme1, useme2, and useme3.

And the script will mail a message called "messagefile" to the user so you need to create that.

The logic is to find old logins with 
who -u | grep old

Then match the tty or pty to the ps output.

Then email those users who matched.

Hope that helps.

Best regards,
Kent M. Ostby
"Well, actually, she is a rocket scientist" -- Steve Martin in "Roxanne"
0 Kudos
Reply
Nick D'Angelo
Super Advisor

‎09-29-2003 12:38 AM

‎09-29-2003 12:38 AM

Re: script help

Kent,

Very good, however, it appears that the script is only looking for the word old, and I need everything greater than 1.00 in that field.

Thanks,
Always learning
0 Kudos
Reply
Jakes Louw
Trusted Contributor

‎09-29-2003 01:40 AM

‎09-29-2003 01:40 AM

Re: script help

You could also try one of the ndd params:
tcp_keepalive_interval.
This will timeout any connection that exceeds the keepalive interval. This is normally 2 hours, which is a little long to keep an invalid session hanging around.
Trying is the first step to failure - Homer Simpson
0 Kudos
Reply
Nick D'Angelo
Super Advisor

‎09-29-2003 01:42 AM

‎09-29-2003 01:42 AM

Re: script help

Thanks for your feedback, however, if the user is idle and connected to a Unix DB, then we DO NOT want a kill signal or timeout sent to the PID as this could cause data corruption.
Always learning
0 Kudos
Reply
john korterman
Honored Contributor

‎09-29-2003 01:52 AM

‎09-29-2003 01:52 AM

Solution

Re: script help

Hi,

if I understand this correctly, you could try and change this line in Kent's script:
who -u | grep old | cut -c1-24 > useme1
to:
who -u|awk ' $6 ~ /[1-9]:[0-9][0-9]/ {print $1,$2}' > useme1

regards,
John K.
it would be nice if you always got a second chance
Reply
Nick D'Angelo
Super Advisor

‎09-29-2003 02:02 AM

‎09-29-2003 02:02 AM

Re: script help

works like a charm.

I modified the script so that it captures the user to a tmp file also so that I can keep track of consistantly deliquent users.

Sorry Kent, I should have assigned you the points, please post one more time and I will assign points to you once more.

Thank You,
Always learning
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.