Topic
  • 4 replies
  • Latest Post - ‏2013-02-22T20:12:12Z by SystemAdmin
SystemAdmin
SystemAdmin
6902 Posts

Pinned topic AIX .profile alias or function on ./ and .blank .script.sh

‏2013-02-20T19:02:36Z |
Hi
I'm new to this community but I hope you guys could give me a hint on shadowing every script call of my users in a certain environment with a header and a "tailer"... explanation: the script that is called by user should get a fix part in front and a fix part at the end and then be executed with a Log entry... we can execute everything by handling
an aix command called source but it would be better, if we could do it
by aliasing every script call in the .profile of our users ...but then
we need to know how to shadow ./script and . .script and that seems not
to work because of invalid alias name and notbuiltin functions...
every hint is helpful...
many thanks
Robert
Updated on 2013-02-22T20:12:12Z at 2013-02-22T20:12:12Z by SystemAdmin
  • Tibor_B
    Tibor_B
    41 Posts

    Re: AIX .profile alias or function on ./ and .blank .script.sh

    ‏2013-02-21T08:01:21Z  
    Hi,

    you explanation is not clear to me...

    Do you have given set of scripts or your admins are allowed to write new ones? And modify old ones?

    Are they willing to cooperate or you want to force this on them?

    Did you consider some kind of wrapper that would do what you want and then call the script itself, like:

    my_wrapper.sh some_critical_script.sh

    but it would need cooperation from your admins and would be trivial to circumvent.

    Also, I thought about sudo but it really depends on what exactly you want...
  • SystemAdmin
    SystemAdmin
    6902 Posts

    Re: AIX .profile alias or function on ./ and .blank .script.sh

    ‏2013-02-21T20:25:17Z  
    • Tibor_B
    • ‏2013-02-21T08:01:21Z
    Hi,

    you explanation is not clear to me...

    Do you have given set of scripts or your admins are allowed to write new ones? And modify old ones?

    Are they willing to cooperate or you want to force this on them?

    Did you consider some kind of wrapper that would do what you want and then call the script itself, like:

    my_wrapper.sh some_critical_script.sh

    but it would need cooperation from your admins and would be trivial to circumvent.

    Also, I thought about sudo but it really depends on what exactly you want...
    Hi
    thank you for this information.
    We have a production environment where users can build their own scripts.
    Obviously we want to know what commands our users are running or what scripts do they start etc...so we want to LOG this information...
    now we thought about a header that tests a [.][/]call and sets the LOG
    Directory (and File like timestamp.scriptname.processnumber) etc...the main part in the middle should be the scriptcommands to be executed and the last part should write the error to the logfile...so far so good...
    head
    sccommands
    tail
    but now the user has to import it for every script ...
    We made some tries about reading the 3 parts in and then execute the new script immediately also with perl, but then we thought about etc/profile or bashrc to shadow the call by alias or function for every script our users call...sth like alias ./=... fails because of invalid name and function ./() matchs only ./ script, not ./script...as we miss this call (and . .script)in system call table, so we cannot overwrite them in .profile etc. ...perhaps you could explain which kernel functions are called then we can think about overwriting them if possible...
    or in what way would you solve the task mentioned above...
    Many thanks in advance
    Best regards
    Robert
  • Tibor_B
    Tibor_B
    41 Posts

    Re: AIX .profile alias or function on ./ and .blank .script.sh

    ‏2013-02-22T11:02:14Z  
    Hi
    thank you for this information.
    We have a production environment where users can build their own scripts.
    Obviously we want to know what commands our users are running or what scripts do they start etc...so we want to LOG this information...
    now we thought about a header that tests a [.][/]call and sets the LOG
    Directory (and File like timestamp.scriptname.processnumber) etc...the main part in the middle should be the scriptcommands to be executed and the last part should write the error to the logfile...so far so good...
    head
    sccommands
    tail
    but now the user has to import it for every script ...
    We made some tries about reading the 3 parts in and then execute the new script immediately also with perl, but then we thought about etc/profile or bashrc to shadow the call by alias or function for every script our users call...sth like alias ./=... fails because of invalid name and function ./() matchs only ./ script, not ./script...as we miss this call (and . .script)in system call table, so we cannot overwrite them in .profile etc. ...perhaps you could explain which kernel functions are called then we can think about overwriting them if possible...
    or in what way would you solve the task mentioned above...
    Many thanks in advance
    Best regards
    Robert
    Well, this is above my knowledge :(

    Two ideas though:

    1) bash logging allows you to add timestamp. This is not much but at least something. But then you must think about a way to prevent users editing history file...

    2) I dont know about kernel calls, but what about modifying bash source and creating own binaries? But it is quite complex task and users would be allowed to call other shell (ksh, or vice versa) and completely escape your monitoring.

    I dont have much more to advice, but your question is interested to me.

    And perhaps you should change a forum, I would say this is not "AIX" specific but shell (bash/ksh) specific....

    Regards
  • SystemAdmin
    SystemAdmin
    6902 Posts

    Re: AIX .profile alias or function on ./ and .blank .script.sh

    ‏2013-02-22T20:12:12Z  
    • Tibor_B
    • ‏2013-02-22T11:02:14Z
    Well, this is above my knowledge :(

    Two ideas though:

    1) bash logging allows you to add timestamp. This is not much but at least something. But then you must think about a way to prevent users editing history file...

    2) I dont know about kernel calls, but what about modifying bash source and creating own binaries? But it is quite complex task and users would be allowed to call other shell (ksh, or vice versa) and completely escape your monitoring.

    I dont have much more to advice, but your question is interested to me.

    And perhaps you should change a forum, I would say this is not "AIX" specific but shell (bash/ksh) specific....

    Regards
    Many thanks
    regards Rob