LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-07-2017, 04:14 AM   #1
fabioca
LQ Newbie
 
Registered: Sep 2015
Posts: 13

Rep: Reputation: Disabled
execute with privileges a particular script at login time


I would like that when a certain unprivileged user logs in either the console or ssh, instead of /bin/bash, a special command was executed with privileges:

Code:
ip netns exec mynamespace /bin/bash
The purpose is for this user to see a segregated network stack.

I tried to put this is the correspondent entry in /etc/passwd, but that did not work.

I could try and put it in bashrc, but at that point the shell has already been launched and this would launch a new shell, plus I would need to solve the problem of how to give this unprivileged user the right to run this command, which I do not know how to do either.

Is there a way to do that?

Thanks a lot

Last edited by fabioca; 05-07-2017 at 04:53 AM.
 
Old 05-07-2017, 05:12 AM   #2
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,607
Blog Entries: 3

Rep: Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851
There are two ways depending on how locked down it must be.

If it ok that the people logging in have access to the script, you can put it in ~/.ssh/rc on the server in their account(s) and make sure to enable PermitUserRC in sshd_config.

If the people logging in should not have write access to the script, the easy way is to call it from /etc/ssh/sshrc

See the manual page in the section "SSHRC" for details.

Code:
man sshd
As far as I know, you'll have the following environment variables available to the script. For group, you'd have to calculate that from $LOGNAME or $USER

LOGNAME
HOME
SSH_TTY
MAIL
SSH_CLIENT
PATH
SHELL
TERM
SSH_CONNECTION
USER

So you could make a case statement matching accounts that need customized scripts.
 
Old 05-07-2017, 05:14 AM   #3
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,607
Blog Entries: 3

Rep: Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851
Or you could use ForceCommand either on the server's configuration or in the SSH key used to log into the server in ~/.ssh/authorized_keys. Again, see

Code:
man sshd
but in the section "AUTHORIZED_KEYS FILE FORMAT"

Last edited by Turbocapitalist; 05-07-2017 at 05:23 AM.
 
Old 05-07-2017, 05:31 AM   #4
fabioca
LQ Newbie
 
Registered: Sep 2015
Posts: 13

Original Poster
Rep: Reputation: Disabled
Thanks for your suggestions. I will try.

Does this work automatically also when logging directly from the console?

The console is actually more important than ssh for me now.

Thanks
 
Old 05-07-2017, 05:36 AM   #5
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,607
Blog Entries: 3

Rep: Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851Reputation: 2851
The above only works with logins via SSH.
 
Old 05-07-2017, 07:55 AM   #6
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
"sudo - You're Doing it wrong"
 
  


Reply

Tags
bash, iproute2, logind


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Execute script between defined time frame. Jakkie Linux - Newbie 5 10-08-2013 07:32 AM
run script at login that requires root privileges Eredeath Programming 13 08-04-2010 10:44 PM
execute php script by a time () afbase Linux - General 1 12-30-2006 03:30 PM
Trying to execute bash script upon login?? mr-d-2003 Linux - Newbie 4 10-30-2003 03:15 PM
How to execute script after login? gmitra Linux - General 2 02-19-2003 11:39 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 05:17 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration