I work on an installation script for an embedded system (over ssh).
To do that, I have a first bash script who manage the partition size. After that, this script configure the execution of a second bash scrit at reboot with crontab.
The second bash script download and compile many things and it could take few hours. During this, the system must not be stopped!
The user could unplug the power of the system, and the best way to prevent any trouble with this is to show the installation progression to the user.
The user have to reconnect itself manually after the first reboot.
How can I print something into the ssh session of the user with the script launch by crontab at reboot?
You can modifiy SSHD to display a banner by modifying the /etc/ssh/sshd_config and uncommenting the Banner parameter. You can have your cron job or whatever you want update the file that it uses for the banner. The downside to this is that this message is only updated when the sshd is started.
you can put your message into any of the startup script. For example putting this line
echo "message you want to print at startup"
into ~/.bashrc file will print "message you want to print at startup" at startup after reboot.
Related
I am trying to find a way to record every single command that is executed by any user on the system.
Things that I have came across earlier.
It is possible to view shell commands executed from the terminal using ~/.bashrc_history file.
There is a catch here, It logs only those commands which were executed interactively from bash shell/terminal.
This solves one of my problems. But in addition to it, I would like to log those commands also which were executed as a part of the shell script.
Note: I don't have control over shell script. Therefore, adding verbose mode like #!/bin/bash -xe is not possible.
However, this can be assumed that I have root access as a system administrator.
Eg: I have another user that has access to the system. And he runs the following shell script using from his account.
#!/bin/sh
nmap google.com
and run as "$ sh script.sh"
Now, What I want is "nmap google.com" command should be logged somewhere once this file is executed.
Thanks in advance. Even a small help is appreciated.
Edit: I would like to clarify that users are unaware that they are being monitored. So I need a solution something at system level(may be agent running with root). I cannot depend on user to log suspicious activity. Of-course everyone will avoid such tricks to put blame on someone else if they do something fishy or wrong
I am aware that you were asking for Bash and Shell scripting and tagged your question accordingly, but in respect to your requirements
Record every single command that is executed by any user on the system
Users are unaware that they are being monitored
A solution something at system level
I am under the assumption that you are looking for Audit Logging.
So you may take advantage from articles like
Log all commands run by Admins on production servers
Log every command executed by a User
You can run the script in this way:
execute bash (it will override the shebang)
ts to prefix every lines
logs both in terminal and files
bash -x script.sh |& ts | tee -a /tmp/$(date +%F).log
You may ask the other user to create an alias.
Edit:
You may also add this into /etc/profile (sourced when users login)
exec > >(tee -a /tmp/$(date +%F).log)
Do it also for error output if needed. Keep it splited.
I have modified my rc.local script to run some python script at startup.
This python script seems to be started successfully.
As the script is running forever (intended) and I want to see what the script does, my question is:
Is there a way to access the shell that runs this script?
Yes, to see what is going on, I could log to some file, but what if that script needs to get input from the user via console?
Thanks for your help!
You will not be able to interact with the script run by rc.local. But you can see what it does by logging its output into dedicated files:
python myscript.py > /home/myhome/log/myscript.log 2> /home/myhome/log/myscript.err
where error messages go into a separate log file.
Note that your script will be executed by root, having permissions and ownership accordingly.
Here's a link to an earlier answer about this with a method to log all outputs of rc.local.
Now you can see in your log file, if the execution stops due to the script demanding input or indeed crashing, and then you can fix the script accordingly.
If you don't want to mess with rc.local for testing, you could also first run it through crontab on your or root's account (scheduled execution by user, see man crontab). This might be easier for debugging, and you can start it through rc.local once it works as you want.
I want to run series of commands in bash shell file. But one of the command requires reboot of the system and I have added reboot command in the shell file. But after the reboot that process is lost. Is there any solution for this?
In the system the only thing that is really persistent is a file. That's pretty much what you should use.
Try making the part of the script that needs to be executed after reboot in to /etc/rc.local from within the script.
Reference
I have a bash script with a series of whiptail menus that allows a user to setup their new system, which is Ubuntu server, with no GUI, just CLI (it's going to be a Virtual Machine image).
I'm already forcing a root login by editing /etc/default/grub and /etc/init/tty1.conf, so the user is dropped directly into the root command prompt. From there the user has to type in ./whiptail.sh to start the script and get the whiptail prompts to further setup their host.
Now, I'd like for my script to be what appears up after the the login occurs instead of the user being dropped to the command prompt. How can I do this?
All interactive sessions of bash will read the initialization file ~/.bashrc.
So you can just add the script at the end of the root's .bashrc i.e. /root/.bashrc, assuming the script is executable:
echo '/path/to/whiptail.sh' >>/root/.bashrc
Now the script will be always run when root opens a new interactive shell. If you only want to run while login only, not all all interactive sessions you should rather use ~/.bash_profile/~/.bash_login/~/.profile (the first one available following the order).
If you want it to be global, add you script to
/etc/profile
If you want it to be user-specific, add you script to
/home/$USER/.profile
Consider upvoting the original answer here: https://unix.stackexchange.com/a/56088/343022
I have a python script that I want run prior to any user logging in. This is for a home automation server and I want it always to be up and running as soon as the system allows.
I already have it in the rc.local file including an ampersand. This works.
But I can't see the screen output that it produces.
When I log into the unit (it's a raspberry pi running raspian) via SSH I can start it using screen which works the best as when I logout and back in, it's still there. AND I can see the output from the script.
But when I try running screen from the rc.local file, and subsequently login to check, the script isn't there (ie ps aux | grep script.py confirms)
edit: I've taken on Nirk's solution below about using tail. From the command line, it works fine. But starting it form within /etc/rc.local doesn't. I have touched the file and everyone has write access to it.
This is what's in my rc.local file:
python /home/pi/gateway.py &> /x10.log &
UPDATE
This is how I did it in the end:
Although the question was just about how to run in the background prior to login, there was more to it. The script is a work in progress and because of the way a particular serial device acts with it, it is/was prone to crashing (I've almost got all the bugs out of it). I needed to be able to restart it as well. I tried nohup but for some reason, it wouldn't keep it alive so in the end I found the top answer from this page got it all sorted.
In my /etc/rc.local I included a shell script to run:
nohup /home/pi/alwaysrun.sh > /home/pi/mha.log 2>&1 &
alwaysrun.sh contains:
#!/bin/bash
until python /home/pi/gateway.py; do
echo "'gateway.py' exited with exit code $?. Restarting..." >&2
sleep 1
done
nohup will keep the alwaysrun.sh script alive, and that in turn keeps my gateway.py script running. The redirect of stdout and stderr means I can setup a tail (and/or go back and check) the log.
Instead of using screen, if you just want to see the output you should redirect the output of the command to a log file and then tail the file.