Re: Howto run privileged commands on login/logout
On Sun, 07 Feb 2010 01:55:02 +0100, Erik Norgaard norga...@locolomo.org wrote: Hi: I'm playing around with diskless operation. I'd like to be able to run privileged commands when a user logins or logs out: You can handle this in two ways: a) On a per-user basis, you can use the user's ~/.login and ~/.logout files; those are corresponding to the C Shell, and assuming that csh is the dialog shell for the user. b) On an all-users basis, you can use /etc/csh.login and /etc/csh.logout to have all users perform the commands you want to run. - on login, nfs mount the user's home directory (ok, not critical, I can mount /home) As it has already been mentioned, it is easy to use amd and / or automounter tool for that. - on logout a system reboot to clean up any temporary files left from the session. A system reboot? To clean up temporary files? Caused by an ordinary user? Excuse me, Sir, what strange country are you from? :-) Honestly, that's not neccessary. If you want to make sure that all temporary files belonging to a specific user are deleted upon user logout, you can simply let him do it by his ~/.logout script, e. g. using rm -rf /tmp; this might sound very violent, but it will only delete the user's files from the /tmp subtree. There are very few occassions you HAVE to reboot a BSD machine. Cleaning temporary files is *not* one of them, especially if you don't have clear_tmp_enable set to YES in /etc/rc.conf. If temporary files are left in other directories you know of, you can clean them as well. Is this possible, without messing arround with sudo or adding users to wheel or operator groups? Of course. You can edit the permissions for the programs you explicitely want to allow ordinary users to run, e. g. the /sbin/shutdown binary. A sidenote: If we're talking about X, the GiveConsole and TakeConsole in /usr/local/lib/X11/xdm/ can be used. Those are shell scripts that allow chown'ing and chmod'ing files to specific users, as well as other things. I know that a problem may occur when multiple users log in. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Howto run privileged commands on login/logout
On Sat, Feb 6, 2010 at 4:55 PM, Erik Norgaard norga...@locolomo.org wrote: Hi: I'm playing around with diskless operation. I'd like to be able to run privileged commands when a user logins or logs out: - on login, nfs mount the user's home directory (ok, not critical, I can mount /home) - on logout a system reboot to clean up any temporary files left from the session. Not sure if it would work or not but you could try setting /etc/csh.logout setuid root (or whatever). However, IIRC, there are security concerns with setuid scripts (I remember previous list discussions about setuid shell scripts but don't remember what the verdict was). -- Rob Farmer Is this possible, without messing arround with sudo or adding users to wheel or operator groups? Thanks, Erik -- Erik Nørgaard Ph: +34.666334818/+34.915211157 http://www.locolomo.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Howto run privileged commands on login/logout
On Sunday 07 February 2010 01:55:02 Erik Norgaard wrote: I'm playing around with diskless operation. I'd like to be able to run privileged commands when a user logins or logs out: - on login, nfs mount the user's home directory (ok, not critical, I can mount /home) This can be done using amd(8). Check out the example section in amd.conf(5). - on logout a system reboot to clean up any temporary files left from the session. Not sure why you would want to reboot the entire system but simply doing chmod +s /sbin/shutdown should give all users access to the shutdown(8) command. Is this possible, without messing arround with sudo or adding users to wheel or operator groups? -- Pieter de Goeje ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Howto run privileged commands on login/logout
Erik Norgaard norga...@locolomo.org wrote: I'm playing around with diskless operation. I'd like to be able to run privileged commands when a user logins or logs out: - on login, nfs mount the user's home directory (ok, not critical, I can mount /home) Or, better yet, use an automounter. - on logout a system reboot to clean up any temporary files left from the session. I'm not aware of any existing, simple method to handle this part. It might not be all that difficult to hack something into getty(8) or init(8). Another possibility would be to clean /tmp and /var/tmp in the .logout script, which should not require any special privs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org