Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Logging script usage when executed via sudo on *nix

by c (Hermit)
on Sep 20, 2001 at 17:54 UTC ( [id://113587]=perlquestion: print w/replies, xml ) Need Help??

c has asked for the wisdom of the Perl Monks concerning the following question:

a unix question wrapped in perl paper.
i'm adding logging capability to a script i've recently written. i would like to include the name of the non-privelaged user executing the script in the log file. however, this script will more than likely always need to be ran using the sudo command.
sudo forces the uid/gid of the current user to that of root, and therefore the log entry contains "root" rather than the non-privelaged user's name.
has anyone ran into this issue before, and if so, how did they handle it? i've been trying to come up with a way that perl could pull the name of the user originally executing the script, but i am at a loss.

humbly -c

Replies are listed 'Best First'.
Re: Logging script usage when executed via sudo on *nix
by suaveant (Parson) on Sep 20, 2001 at 18:14 UTC
    I would use a setuid perl script (using suidperl) and then $< will contain the REAL_USER_ID of the user running the script, and $> will have the effective user id (root)

                    - Ant
                    - Some of my best work - Fish Dinner

Re: Logging script usage when executed via sudo on *nix
by Albannach (Monsignor) on Sep 20, 2001 at 18:13 UTC
    I think your answer lies with your sudo configuration. Have you tried negating the set_logname flag in the sudoers file? You might also want to set the logfile path to enable the sudo log if you haven't already done so.

    --
    I'd like to be able to assign to an luser

Re: Logging script usage when executed via sudo on *nix
by virtualsue (Vicar) on Sep 20, 2001 at 18:23 UTC
    Update: Ignore this. I was thinking about setuid scripts rather than sudo. I use the sudolog to see which user ran what command.
Re: Logging script usage when executed via sudo on *nix
by blakem (Monsignor) on Sep 20, 2001 at 21:50 UTC
    I think sudo sets some environment variables that you can check for in your perl script...

    From the sudo manpage:

    SUDO_USER Set to the login of the user who invoked sudo SUDO_UID Set to the uid of the user who invoked sudo SUDO_GID Set to the gid of the user who invoked sudo

    -Blake

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://113587]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others cooling their heels in the Monastery: (6)
As of 2024-03-28 15:52 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found