Re: Address of client opening a Unix session
by Fletch (Bishop) on Sep 09, 2004 at 12:33 UTC
Some things like ssh will set an environment variable, but since the user's free to muck with that before running your program it's not trustworthy. Slightly more reliable would be reading the remote host from /etc/utmp, but that's going to be somewhat platform dependent (see Sys::Utmp or User::Utmp) and if someone can manipulate the DNS server you're using it's likewise untrustworthy.
A better solution would be to mandate separate system logins for each user and use those to determine who's running your program. If someone can circumvent that they more than likely could alter your log anyhow.
| [reply] |
Yes, I do agree with you that the best thing would be to have different users, but that is not really possible because of the architecture. This "build" script is only meant for administrators of the system, but now during implementation other people need to use it and therefore we must log it. I'll have a look at Sys::Utmp and User::Utmp.
Thanks
| [reply] |
Ah, then you probably can use sudo and let it handle the logging. Just create a dedicated build user who's the owner of everything in question. Put the people who need to be able to run the build process in a group, and then configure sudo to allow that group to run whatever command / script is necessary to kick things off (and the original user who ran sudo will be logged to wherever syslog is pointing).
| [reply] |
Re: Address of client opening a Unix session
by diotalevi (Canon) on Sep 09, 2004 at 12:28 UTC
It depends. You didn't provide enough information to help us help you. How are you connecting? ssh sets the environment variable $ENV{ 'SSH_CONNECTION' } for me. Perhaps you have some similar information. Other connections may have this sort of information elsewhere.
| [reply] [d/l] |
We have putty installed and the users cannot install new programs on the client, so we connect via ssh or telnet.
cheers
Kurre
| [reply] |
Didn't you read what I just said? I already mentioned that I see the environment variable SSH_CONNECTION with the remote ip address in it. If you noticed that you have this, then use it. If you don't have it, it's probably the fault of your SSH server or maybe a configuration script on your server deletes it.
| [reply] |
Re: Address of client opening a Unix session
by Anonymous Monk on Sep 09, 2004 at 12:49 UTC
How's that script executed? Is it listening to a port (in which case, the socket will provide you with the information)? Is it run from a remote shell? Is it executed by means of UUCP? Perhaps it's a CGI program? Or are you using SOAP? Is the script mailed, and you're using a fancy .forward file? Is your .finger a named pipe?
| [reply] |
It is executed via a shell, by hand, by an authorized user,
cheers
| [reply] |
Then 'finger' or 'who' should know. Or you'll have to parse /var/log/wutmpx? yourself.
| [reply] |
finger | grep `ps -o tty -p $$ | tail -n +2`" " | cut -b 56- | tr -d '()'
Adjust to fit your implementation of your tools.
| [reply] [d/l] |
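Added example, not code from any post in this thread: a shell sketch that takes the client host from the login record for the current terminal and treats SSH_CONNECTION only as a claim to compare against it, since the user can change the environment. The function names, the sample `who` lines and the assumed layout (terminal in field 2, host in parentheses as the last field) are assumptions; it matches the terminal field exactly instead of cutting at a fixed byte column.

```shell
#!/bin/sh
# Constructed sample of who(1) output (not from a real system).
SAMPLE_WHO='root     console      2004-09-09 08:00
build    pts/1        2004-09-09 11:58 (10.0.0.21)
build    pts/3        2004-09-09 12:01 (admin-pc.example.org)
build    pts/30       2004-09-09 12:05 (10.0.0.99)'

# who_host_for_tty TTY: who-style lines on stdin; print the host recorded for
# exactly that terminal (pts/3 must not match pts/30). Empty for local logins.
who_host_for_tty() {
    awk -v tty="$1" '
        $2 == tty && $NF ~ /^\(.*\)$/ {
            print substr($NF, 2, length($NF) - 2)
            exit
        }'
}

# ssh_claimed_client VALUE: first field of an SSH_CONNECTION value
# ("client_ip client_port server_ip server_port"). User-controlled input.
ssh_claimed_client() {
    printf '%s\n' "${1%% *}"
}

# client_origin TTY ENVVALUE: who-style lines on stdin; print "<host> <source>".
#   utmp      host from the login record; environment absent or in agreement
#   differs   record and environment disagree (record printed; a name versus
#             an address also lands here and needs a manual look)
#   env-only  no login record, so the value is only what the environment says
#   unknown   neither source has a host
client_origin() {
    rec=$(who_host_for_tty "$1")
    claimed=$(ssh_claimed_client "$2")
    if [ -n "$rec" ] && [ -n "$claimed" ] && [ "$rec" != "$claimed" ]; then
        printf '%s differs\n' "$rec"
    elif [ -n "$rec" ]; then
        printf '%s utmp\n' "$rec"
    elif [ -n "$claimed" ]; then
        printf '%s env-only\n' "$claimed"
    else
        printf '%s\n' '- unknown'
    fi
}

# Demo on the constructed sample: the environment claims a different client.
printf '%s\n' "$SAMPLE_WHO" | client_origin pts/3 '10.9.9.9 50522 10.0.0.5 22'
```

On a live system the input would be the output of `who`, the terminal would come from the `ps` call in the post above, and the result would go into the build log next to the login name.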