Hi All,

Good morning....I need a help in writing one shell script....(RHEL5)

I will describe the scenario first..

I want to install jboss on various system on boot time install....

so my requirement is to write a script that will install jboss products as a root user only..If its any other user it should throw a error message and exit.....

The script is not supposed to take the username from the user himself. It is supposed to see which user it is running as (self). If any user other than root run this script it should give error and exit.......

Kindly any1 help me to do that....if any1 has written a script pls help me out.....

Regards
Suvra

man id
man bash, search UID

FYI: LOGNAME is not always a reliable test. Some users have root accounts that use different names, such as "toor", or "rot"; these convenience accounts are commonplace for many, and exist by default in some BSDs.

UID=0 will always be the correct test.

Correct...

I always use...

One caveat is that if you are on Solaris you have yo make sure that you use /usr/xpg4/bin/id

-C

Sure, You're right. It'll make the script stronger.
Just sometimes it's easier for beginners to understand with exact names instead of numbers.

Actually, I disagree with this. Users *should* learn about UID/GID, as they are the key permissions-granting aspect of *nix systems. User names are simple, decorative candy above that.

I agree with your disagreement

-C

I'm agree with this point too, they should.
But I'm not sure you will memorize 150 UIDs instead of usernames.
Changing the name of root user is not a panacea, and it hardly could protect the system from an attack.

Do you register in your system using UID? Or do you writing e-mails to 1111@22.33.44.55?

Returning tho the original question, I'm still convenienced that my script was more understandable, and it could involve beginners in thinking, whereas these "weird" numbers usually have opposite effect.

Whar's more, suvra82002 has written about RHEL5, where by default root user is called exactly root.

And finally, even id could be substituted with mal-ware and return not so reliable values...

You're missing the point.

We are not memorizing UID's ... we are using the UID in the script so that it would be portable... in which case using the UID is preferable.

And if you are scared of malware/virus/root-kit then you should stop using computers...since it WILL happen to you one day...question is "when".

Mr. C. and i were just trying to give you "best practice"...don't take it personal...but if you ask around using UID is superior to login names...not that using login names is "wrong"...just that using UID is superior...

-C

Who cares about 150 UIDs? Two concepts are necessary: 0 and non-zero.

Who said anything about attacks? I said "convenience accounts", and nothing about security via obfuscation techniques.

Of course not - the point isn't that one should not use names, it is that names DO NOT imply permission. The entire OS uses UID/GID/EUID/EGUID internally, not names.

My mail accounts are virtual, so that point is moot.
Code that just sometimes works by design is bad code - period. Standard practice is to check UID. With almost +25 years of experience with *nix systems, I'm confident in my assessment. If you want to write code that we all can see *will* fail under certain circumstances, be my guest. I'll concede the battle that demonstrates anther's foolishness.

Again, many seasoned admins create UID=0 accounts that are not named "root". This is not an uncommon practice. It is done AFTER the default system has been setup, and code should accommodate this.
Now this argument is just plain silly. So in that case could the shell (which provides your LOGNAME) and any other utility. You've switched into an entirely different ballpark with this one.

Good Point.

-C

I just said that changing root name hardly could protect the system from an attack. right?
I'm taking it easy, don't worry.
UID=0 is used often, but I doubt about regular users. Mr. C. is more proper in that.
Look at the Oracle Guides, for instance:
True. But not for this case.
This code works on standard systems. And renaming "root" is getting less common already AFAIK.

You've said about convenience accounts. Why is it more convenient than standard "root"? Or what else does it mean?

And thanks for your assertion about "anothers in the battle"...

The oracle example requires usage of USER = oracle, because that is the name by which the system was installed. An installation cannot assume a UID/GID, but can default to certain username/groupnames for installation and runtime. This is the case where USER is the correct usage. The point to take note of is that *the most accurate* mechanism should be used. In the case of superuser privs, its UID=0, or for group wheel or root, its GID=0, and in the case of some software installation that uses specific username/groupnames, USER is correct.

No, it doesn't. My NetBSD system BY DEFAULT comes with BOTH root and toor accounts, both with UID=0
If you look carefully, you will find there is utility there. This has nothing to do with renaming an account. This has been a practice for almost 25+ years.

Self-serving estimates of the state of the world are silly. "less common" and "not for this case" show your focus is not on portability and correctness, but rather sticking to your guns. Shoot on...

...And in the case of oracle I STILL wouldn't use the login name...I would do something similar to...

So if the oracle user EVER changes...for whatever reason..all you would have to change is the oracleuser= part in the script...this is also good for portability since I've run across installations of oracle where the user name was something weird like ora

My