I am new to shell scripting and want to create a script with the follwoing description:
I want to restrict the users from giving a kill command on a unix server. The server have a restricted logins with login id and passwords. I want a script that will find out if a user has given a kill command and if finded soem user that has given kill command, then promt that user not to give kill command. It should give an option to the logged in person " You should not use kill command but if you still wish to continue type yes else type no"
If the person types yes then he should give his details (unix id and password) that the script will authenticate and if passed then the person can give the kill command, provided i get his login details.
One way is to create an alias. Most users do not know anything about /usr/bin/kill,
they just use kill [pid]. This is a start on your requirements - I don't know what you mean by authenticate. Relogin?
Instead of specifying things like that, just tell us what you want to have happen.
You need to put this script somewhere that all of the users you describe have access to the file - just read/execute access:
#!/bin/ksh
# fake "kill" script
typeset -u ok
echo "" You should not use kill command but if you still wish to continue type yes else type no: yes/no"
read ok
if [[$ok = "YES" ]] then
/usr/bin/kill $1 $2
else
echo 'no process killed'
fi
Call the script, for example, /path/you/created/for/fake_kill.sh
Be sure to chmod +x /path/you/created/for/fake_kill.sh
Be sure all the directories of the path allow execute access for restricted users.
Add this to your login script for restricted users
Hey,
Thanks for the suggesstion. But i am a little confused. As mentioned in the script above, a fake_kill script will be created, so what will happen to /usr/bin/kill. Should that be deleted??
My requirement goes like this:
I want to warn the users if they are using kill command to kill some logins. I want to run this script on a server which has three login id's permitted(say abc/passowrd, cde, password, fgh/password). A user can telnet to that server and login using only these permitted id's whch are shared globally in our team. So the issue that we are facing is we are unaware which person gave kill command and forced out a person doing some activity on the server.
So, the script should check if anyone has given KILL command; it should warn the person; " not to use kill command" and then display an option yes/no as mentioned in the script above and stop the execution of kill command if the person enters no. And if the person enters yes, then it should ask the person to provide his unix id as he is logged into the server with some other login and after verifying his login details, we can allow that person to use kill command execution normally, as we will be aware who has given kill command.
I hope i made my requirement clear this time.
Thanks in advance
if your users are cooperative - simple wrapper is enough .
If they are malicious - it takes 3 min to write kill.c and compile it ( in case compiler is available )
It appears to me that you have some serious administration issues. Why are users allowed to kill other users sessions in the first place? What happens if they make a typo, and kill the wrong process?
I suggest that you read the manual page and experiment with the following commands, and add the output of them to a log file.
w, who, finger, ps
