I have the below piece of code..
ssh some_user#server << EOF
echo 'Successfully connected to the server'
pbrun previlige -u user
ls
pwd
id
...few more commands
EOF
if [ $? -eq 0 ]
then
echo 'Successful Execution of the last command in ssh'
fi
Now the issue that I face in the above code is, the script automatically exits after switching user through the pbrun command (i.e. it never executes the ls, pwd and subsequent commands). To make things complicated, this issue is intermittent. Sometimes I get the proper output of all the subsequent commands and sometimes I don't.
Output when the issue occurs:
Successfully connected to the server
su from some_user to user at Mon Oct 6 09:47:00 MDT 2014
Successful Execution of the last command in ssh
In the above case it never displays the subsequent output of commands after switching the user
Output when the issue doesn't occur
Successfully connected to the server
su from some_user to user at Mon Oct 6 09:47:00 MDT 2014
Logs migrate.properties prereq.sh src_exp.sh src_mig.exp
/home/venus/
uid=* gid=* groups=****
Successful Execution of the last command in ssh
Is there any cause/fix for this? Even a workaround should be fine for me..! Thanks!
Passing an inner heredoc ensures that your later contents are fed to pbrun's stdin, rather than invoked in the outer shell only after pbrun exits, which is what would happen otherwise:
ssh some_user#server <<'OUTER_EOF'
echo 'Successfully connected to the server'
pbrun -u user bash <<'INNER_EOF'
# this is inside both ssh and pbrun
ls
pwd
id
INNER_EOF
# this is inside ssh, but not inside pbrun
OUTER_EOF
Using Red Hat Enterprise Linux is it possible to place a global option that whenever a user exits an SSH connection the BASH history for that user is cleared?
In the /etc/bash.bash_logout script you can put:
unset HISTFILE
The default for HISTFILE is ~/.bash_history. The user can set this to whatever they wish. If it's not set, the logout process doesn't write the history information that's in RAM to the history file.
Put the following in ~/.bash_logout
echo > $HISTFILE
This will erase the saved history for a user at logout, but will keep a useful running history when user is logged-in.
I know you can manually run
history -c
I think you can put this into your ~/.bash_logout.
The user can always save their history to a non-standard file and reload it on the next login, so their isn't much you can do from a global standpoint to stop it.
For example, Bob might put the following in his ~/.bash_login:
HISTFILE=~/my_secret_history_file
When needed to let the histories empty - I use symlinking them to /dev/null...
lrwxrwxrwx 1 root root 9 Dez 16 19:10 .ash_history -> /dev/null
lrwxrwxrwx 1 root root 9 Dez 16 19:10 .bash_history -> /dev/null
...then the history of typed commands work only for current session.
Starting a new shell, starting a new empty temporary history.
Symlinking them for normal users to /dev/null have to be done by: root
I have a problem executing a shell script with the "modifier" nohup.
The script executed without nohup works fine.
The script have all the rights. And the error message is really weird.
oracle#serveur6:/home/oracle/xxx/yyy/test>ls -ltr
total 16
-rwxrwxrwx 1 oracle dba 1620 Jun 7 14:56 lanceur2.sql
-rwxrwxrwx 1 oracle dba 48 Jun 7 14:56 alt_script.ksh
drwxrwxrwx 2 oracle dba 256 Jun 7 14:57 log
oracle#serveur6:/home/oracle/xxx/yyy/test> nohup /home/oracle/admin/ESPACE/test/alt_script.ksh &
[1] 25493628
oracle#clay925p6:/home/oracle/admin/ESPACE/test> Sending output to nohup.out
nohup: /home/oracle/admin/ESPACE/test/alt_script.ksh: **No such file or directory**
[1] + Done(127) nohup /home/oracle/admin/ESPACE/test/alt_script.ksh &
Things to check:
The path to the script is correct.
The script has executable permission set.
the first line of the script contains something like #!/bin/sh
nohup runs a command in the background, thus the script must be executable like any other command.
there are currently 2 PCs, PC1 and PC2.
I have an Ant script on PC1, the script will execute bash commands on PC2 using sshexec task, the snippet may like the following:
<sshexec
host="${IPofPC2}"
username="${USERofPC2}"
password="${PASSofPC2}"
command='echo "Hello World!"'
trust="true"></sshexec>
in practice the command is a complex one, I give echo "Hello World!" for an example.
I want to see what exactly the command is that have executed on PC2, but I don't know how to.
I googled and find .bash_history will save the remotely executed commands by one login using ssh-like terminal.
It seems this may help, but tried with no success, the .bash_history file won't record commands executed by sshexec task remotely.
So SOS, please help. Thanks in advance.
Edit:
#/etc/syslog.conf
!sshd
*.* /var/log/sshd.log
Attachment:
$cat /var/log/sshd.log
Dec 8 17:36:29 brownshen
launchproxy[1373]:
/usr/libexec/sshd-keygen-wrapper:
Connection from: 10.224.105.186 on
port: 4090 Dec 8 17:36:30 brownshen
sshd[1376]: in pam_sm_authenticate():
Failed to determine Kerberos principal
name. Dec 8 17:36:30 brownshen
sshd[1374]: Accepted
keyboard-interactive/pam for zhouvega
from 10.224.105.186 port 4090 ssh2 Dec
8 17:36:30 brownshen
com.apple.SecurityServer[23]: Session
0x3096eb created Dec 8 17:36:30
brownshen
com.apple.SecurityServer[23]: Session
0x3096eb attributes 0x20 Dec 8
17:36:30 brownshen
com.apple.SecurityServer[23]: Session
0x3096eb dead Dec 8 17:36:30
brownshen
com.apple.SecurityServer[23]: Killing
auth hosts Dec 8 17:36:30 brownshen
com.apple.SecurityServer[23]: Session
0x3096eb destroyed
Take a look at this: http://www.unix.com/unix-advanced-expert-users/4722-ssh-command-logging.html
My first thought was that you could change the shell specified in passwd to be a shell-wrapper that logs all input, but I think the sshd approach is better.
And, unless you have a good reason to (user input?) you should use SSH keys for auto-logins instead of saving passwords.
You will need to make sure that your script is actually being executed by Bash and not sh. Then, add these to the beginning of your script:
HISTFILE=$HOME/.bash_history
set -o history
Choose a different file to save the history separately from the user's interactive history. You can use set -o history to turn history saving on and set +o history to turn it off. You can use this selectively to only save parts of the script.
Add this at the end of your script to write the in-memory history to the file:
history -w
Note that the HISTSIZE variable affects how many lines of history are stored in memory. The default is 500 which could be quickly filled by an executing script. The HISTFILESIZE variable also defaults to 500 and the same issue applies. You may need to set these variables to larger values in your script and set HISTFILESIZE' also in the user's startup file (e.g.~/.bashrc`) so it doesn't get truncated during interactive use if you're using the same history file.
Note that for some uses, instead of using history you can use set -x to turn on tracing and capture stdout to a file.
How do I get the name of the active user via the command line in OS X?
as 'whoami' has been obsoleted, it's probably more forward compatible to use:
id -un
If you'd like to display the full name (instead of the username), add the -F flag:
$ id -F
Andrew Havens
I'm pretty sure the terminal in OS X is just like unix, so the command would be:
whoami
I don't have a mac on me at the moment so someone correct me if I'm wrong.
NOTE - The whoami utility has been obsoleted, and is equivalent to id -un. It will give you the current user
whoami
EDIT
The whoami utility has been obsoleted by the id(1) utility, and is equivalent to id -un. The command id -p is suggested for normal interactive use.
Via here
Checking the owner of /dev/console seems to work well.
stat -f "%Su" /dev/console
There are two ways-
whoami
or
echo $USER
You can also use the logname command from the BSD General Commands Manual under Linux or MacOS to see the username of the user currently logged in, even if the user is performing a sudo operation. This is useful, for instance, when modifying a user's crontab while installing a system-wide package with sudo: crontab -u $(logname)
Per man logname:
LOGNAME(1)
NAME
logname -- display user's login name
If you want to know who's currently logged in to the system:
$ w
15:56:14 up 5 days, 20:58, 6 users, load average: 0.43, 0.53, 0.50
USER TTY LOGIN# IDLE JCPU PCPU WHAT
me pts/2 Fri19 1:03m 0.98s 0.98s -/bin/bash
me pts/3 09:55 6:00m 0.43s 0.43s /bin/bash
me pts/5 15:56 0.00s 0.23s 0.00s w
(This is from a Linux system; the formatting on OS X may be slightly different, but the information should be about the same.)
There may be multiple login sessions; UNIX is designed to be a multi-user system, after all.
The question has not been completely answered, IMHO. I will try to explain: I have a crontab entry that schedules a bash shell command procedure, that in turn does some cleanup of my files; and, when done, sends a notification to me using the OS X notification center (with the command osascript -e 'display notification ...). If someone (e.g. my wife or my daughter) switches the current user of the computer to her, leaving me in the background, the cron script fails when sending the notification.
So, Who is the current user means Has some other people become the effective user leaving me in the background? Do stat -f "%Su" /dev/console returns the current active user name?
The answer is yes; so, now my crontab shell script has been modified in the following way:
...
if [ "$(/usr/bin/stat -f ""%Su"" /dev/console)" = "loreti" ]
then /usr/bin/osascript -e \
'display notification "Cleanup done" sound name "sosumi" with title "myCleanup"'
fi
getting username in MAC terminal is easy...
I generally use whoami in terminal...
For example, in this case, I needed that to install Tomcat Server...
You can also retrieve it from the environment variables, but that is probably not secure, so I would go with Andrew's answer.
printenv USER
If you need to retrieve it from an app, like Node, it's easier to get it from the environment variables, such as
process.env.USER.
Define 'active user'.
If the question is 'who is the logged in user', then 'who am i' or 'whoami' is fine (though they give different answers - 'whoami' reports just a user name; 'who am i' reports on terminal and login time too).
If the question is 'which user ID is the effective ID for the shell', then it is often better to use 'id'. This reports on the real and effective user ID and group ID, and on the supplementary group IDs too. This might matter if the shell is running SUID or SGID.
you can open terminal and write down following command:
id -un
or
whoami
This will return your current login username.