Here's the situation: We are a managed hosting company that uses TSM for backup, and we would like to hand off day to day administration of the environement to the operations staff. There are a number of inexperienced (in TSM) staff. We want a way to audit (beyond the normal activity log) what it is these people do. Therefore, I have written a wrapper script to dsmadmc that uses tee to send stdout to the screen and to a file. We use a similar script for logging ssh.
Once the script is working, dsmadmc on the administrative host will only be executable by the user that the wrapper runs as. But here is what happens when the script runs (I'm passing a username and password on the command line, I would also like a way to hide this from the process list, i.e. take them out of a file or something): bookworm:~$ sudo -u svadmin /usr/local/sbin/svadmindsm i01sv0600 -- -- -- WARNING: This session is logged. -- -- -- Executing command - hostname i01sv0600 Tivoli Storage Manager Command Line Administrative Interface - Version 4, Release 2, Level 3.0 (C) Copyright IBM Corporation, 1990, 2001, All Rights Reserved. Session established with server I01SV600: Solaris 7/8 Server Version 4, Release 2, Level 4.1 Server date/time: 10/01/03 17:24:31 Last access: 10/01/03 15:53:43 tsm: I01SV600>ANS8025E I/O Error reading command input. ANS8002I Highest return code was 0. bookworm:~$ Jon Stanley Hosting Systems Engineer SAVVIS Communications 1 SAVVIS Parkway Town & Country, MO 63017 SAVVIS, The Network That Powers Wall Street(SM) 314-628-7570 (direct) 314-265-4690 (mobile) [EMAIL PROTECTED] (pager) 866-234-4678 (Toll Free) [EMAIL PROTECTED]
