• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

exec /usr/bin/script and mailx

oliver

n00b
Joined
Jun 1, 2004
Messages
48
we have a requirement to log all our contrators terminal sessions (in solaris) remotely

I can add this to their .profile:

exec /usr/bin/script /path/to/logfile

and then send the logfile but is it possible to do it in one command? Something like

/usr/bin/script /tmp/outfile | mailx -s "whatever" whoever@wherever.com


Obviously I've tried that example and it didn't work... do I need some fancy redirection or a combination with tee or something?

Any ideas?
 
Create a shell script that SCPs the contents of your logging directory to a remote server. Then add it to your crontab to run every 5 minutes or whatever you want.
 
Code:
script /tmp/outputfile && mailx -s "whatever" whomever@somewhere.com < /tmp/outputfile

Don't actually use that, it doesn't cover the case where script bails out for some reason. Should give you some ideas, though.
 
Bones - thanks.... I'm going to play with that and see how effective it is

Maximus825 - I actually changed the requirements a little and am doing something a little similar to what you suggested...

basically, each user gets a .profile with the following

Code:
ENV=$HOME/.kshrc
export ENV

dotlogout() {
if [ -s "~/.logout" ]; then
       .  ~/.logout
fi
}

trap dotlogout 0

SCRIPTOUT=/tmp/.$$
/usr/bin/script ${SCRIPTOUT}

exit

the .logout looks like this

Code:
USERNAME=`/usr/local/bin/whoami`
if [ ${USERNAME} = "" ]; then
        USERNAME=unknown
fi
/usr/bin/logger -i -f ${SCRIPTOUT} -p local3.info -t ${USERNAME} > /dev/null 2>&1
rm -f ${SCRIPTOUT}

So rather than emailing it, I write it with a local3.info priority to syslog which forwards it on to the remote loghost. Seems to work.

Can't get around the ability of the end-user to remove their own .profile but it will catch the stuff we're trying to get I think.

Thanks for the responses
 
Back
Top