trap in etc/profile and user .profile

Smith · September 1, 2009, 11:48am

Hello

I really wonder what's trap in etc/profile and in each user .profile.

I try to google for it but I think I have no luck. Mostly hit is SNMP traps which I think it is not the same thing.

I want to know ...

What's a "trap 2 3" means and are there any other value I can set please?
Do we still need this value nowaday?
How to enhance this value for more secure?

Please help me T_T

Regards,
Smith

seg · September 1, 2009, 12:01pm

`man trap`

Basically trap will prevent the /etc/profile script from being canceled or killed.

Smith · September 1, 2009, 2:10pm

NAME

trap, onintr - shell built-in functions to respond to (hardware) signals SYNOPSIS

sh

trap [ argument n [ n2 . . . ]] csh

onintr [ -| label] ksh

. trap [ arg sig [ sig2 . . . ]] DESCRIPTION

sh

The trap command argument is to be read and executed when the shell receives numeric or symbolic signal(s) (n). (Note: argument is scanned once when the trap is set and once when the trap is taken.) Trap commands are executed in order of signal number or corresponding symbolic names. Any attempt to set a trap on a signal that was ignored on entry to the current shell is ineffective. An attempt to trap on signal 11 (memory fault) produces an error. If argument is absent all trap(s) n are reset to their original values. If argument is the null string this signal is ignored by the shell and by the commands it invokes. If n is 0 the command argument is executed on exit from the shell. The trap command with no arguments prints a list of commands associated with each signal number. csh

onintr controls the action of the shell on interrupts. With no arguments, onintr restores the default action of the shell on interrupts. (The shell terminates shell scripts and returns to the terminal command input level). With the - argument, the shell ignores all interrupts. With a label argument, the shell executes a goto label when an interrupt is received or a child process terminates because it was interrupted. ksh

trap uses arg as a command to be read and executed when the shell receives signal(s) sig. (Note that arg is scanned once when the trap is set and once when the trap is taken.) Each sig can be given as a number or as the name of the signal. trap commands are executed in order of signal number. Any attempt to set a trap on a signal that was ignored on entry to the current shell is ineffective. If arg is omitted or is -, then the trap(s) for each sig are reset to their original values. If arg is the null (the empty string, e.g., "" ) string then this signal is ignored by the shell and by the commands it invokes. If sig is ERR then arg will be executed whenever a command has a non-zero exit status. If sig is DEBUG then arg will be executed after each command. If sig is 0 or EXIT for a trap set outside any function then the command arg is executed on exit from the shell. The trap command with no arguments prints a list of commands associated with each signal number. On this man page, ksh(1) commands that are preceded by one or two . (daggers) are treated specially in the following ways:

Variable assignment lists preceding the command remain in effect when the command completes.

I/O redirections are processed after variable assignments.

Errors cause a script that contains them to abort.

Words, following a command preceded by .. that are in the format of a variable assignment, are expanded with the same rules as a variable assignment. This means that tilde substitution is performed after the = sign and word splitting and file name generation are not performed.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes: ATTRIBUTE TYPEATTRIBUTE VALUE AvailabilitySUNWcsu SEE ALSO

csh(1), exit(1), ksh(1), sh(1), attributes(5

Yes. I do man but I do not understand T_T. Do we still use trap to prevent user break from profile script nowaday?

BubbaJoe · September 1, 2009, 2:42pm

Yes you still have to use trap to prevent a user from breaking out of a shell or killing a shell you don't want them to kill.

Here is a simple list of signals

 #define SIGHUP           1
 #define SIGINT           2
 #define SIGQUIT          3
 #define SIGILL           4
 #define SIGTRAP          5
 #define SIGABRT          6
 #define SIGIOT           6
 #define SIGUNUSED        7
 #define SIGFPE           8
 #define SIGKILL          9
 #define SIGUSR1         10
 #define SIGSEGV         11
 #define SIGUSR2         12
 #define SIGPIPE         13
 #define SIGALRM         14
 #define SIGTERM         15
 #define SIGSTKFLT       16
 #define SIGCHLD         17
 #define SIGCONT         18
 #define SIGSTOP         19
 #define SIGTSTP         20
 #define SIGTTIN         21
 #define SIGTTOU         22

Smith · September 1, 2009, 8:58pm

Thank you very much, BubbaJoe.

I search more and found some link

InformIT: Solaris 10 System Administration Exam Prep: Managing System Processes > Using Signals
Safari Books Online - 0789729229 - Solaris? 9 Training Guide (CX-310-014 & CX-310-015): System Administrator Certification

Table 5.12. Signals Available Under Solaris
Signal	Number	Description
SIGHUP	1	Hangup. Usually means that the controlling terminal has been disconnected.
SIGINT	2	Interrupt. The user can generate this signal by pressing Ctrl+C or Delete.
SIGQUIT	3	Quits the process and produces a core dump.

As far as I understand, TRAP 1 means that it will detect the signal that I was disconnected from the system by hangup the modem (I think because the dial-up or ADSL connection is lost).

Why do we want to use TRAP 1?? If any user was disconnected because hang up then that user can't access the server isn't it?

Anybody could tell me which value I should set for TRAP in etc/profile and /.profile of each user please?