DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 26th June 2008
EvilMonkeySlayer EvilMonkeySlayer is offline
New User
 
Join Date: Jun 2008
Posts: 3
Thanked 0 Times in 0 Posts
Default Automatic launching of a script upon login. Help me figure this out

Okay, i've been mulling about an idea ever since I got works new FTP server up and running.

Currently, here's how it works:

I have the ftp server running with virtual users as a security precaution, this is running pure-ftpd on top of OpenBSD. At the moment all user management is done by me, so creation, modifying etc. All me.

I've had an idea to both make my life a bit more simpler and possibly offload the work to someone else. I have seen in the past that upon login on a console a bash script (or some kind of shell script) can run upon immediate login.

My plan is to create an interactive script that can create, modify and delete users purely from simple selections, for example this would appear upon connection:

Quote:
Welcome to the bla FTP server, please make your selection:

1) Create user
2) Modify user
3) Delete user
4) Logout
Upon entering a number and pressing enter it goes through further menus to do this like change passwords, entering user names etc. (essentially the script passes the commands like "pure-pw useradd %username% -u ftpuser -d %homedir%")

Here's my plan as I see it, I need to do the following:
  • Figure out how to do automatic login via putty with public/private key authentication (this is especially important if I offload the work to someone else)
  • Create a (super?)user specifically for this task, I don't want it to have full root capabilities. Just enough for pure-ftpd.
  • Learn a command line scripting language
  • Figure out how to get it to launch the script immediately upon connection (set the script as the shell?)
  • Disable users ability to ctrl-c out, if they ctrl-c I don't want it going to the command line but to immediately logout. In other words no shell access.

I'm open to suggestions on how to approach this. Any ideas on what I should be reading up on?

I believe I have now got the auto-login with putty figured out. By leaving out the pass phrase (from puttygen) I can get it to auto-login with putty.

This is a very base OpenBSD 4.3 install, all i've got installed is pure-ftpd and nano. (I cannot stand ed, vi or any of the other remember 27 million key combinations programs)

I posted this to bsdforums before realising it was a walking corpse intent on spewing spam.
Reply With Quote
  #2   (View Single Post)  
Old 27th June 2008
ai-danno's Avatar
ai-danno ai-danno is offline
Spam Deminer
 
Join Date: May 2008
Location: Boca Raton, Florida
Posts: 284
Thanked 35 Times in 31 Posts
Default

Whoever you entrust this to, why is it so difficult for them to just use the useradd/groupadd commands to get the work done?

Of course you could you can have the account of said person execute a script on login (place execution of script into their .profile) but again, why can't they just use the tools in place?

Maybe if you want things to be that easy you could just install webmin and have them web-gui their way to adding/modding/deleting users... have you been exposed to webmin?
__________________
Network Firefighter
Reply With Quote
  #3   (View Single Post)  
Old 27th June 2008
EvilMonkeySlayer EvilMonkeySlayer is offline
New User
 
Join Date: Jun 2008
Posts: 3
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by ai-danno View Post
Whoever you entrust this to, why is it so difficult for them to just use the useradd/groupadd commands to get the work done?

Of course you could you can have the account of said person execute a script on login (place execution of script into their .profile) but again, why can't they just use the tools in place?

Maybe if you want things to be that easy you could just install webmin and have them web-gui their way to adding/modding/deleting users... have you been exposed to webmin?
The exact reason why i'm wanting to make this simple is because the persons I may offload this to have zero unix experience and have enough problems using windows let alone OpenBSD. I'm the only computer guy at the company, my plan is rather than it constantly being customer -> account handler -> me I want the account handlers able to create users. Asking people who have problems using windows to use the command line is asking for trouble.

Yes, i've used webmin quite a bit on Linux. But the FTP machine is a production server and frankly I don't trust it because of its security history.

Anyway, i'm wanting to keep to the official packages and keep the ftp server installation as minimal as possible for maintenance and security reasons. (webmin isn't an official package)
Reply With Quote
  #4   (View Single Post)  
Old 27th June 2008
lvlamb's Avatar
lvlamb lvlamb is offline
Real Name: Louis V. Lambrecht
Spam Deminer
 
Join Date: May 2008
Location: .be
Posts: 221
Thanked 25 Times in 24 Posts
Default

Short of time,
throwing in some ideas here:

- automatic script at start (and exit at shutdown): this is done via
/etc/rc.local
good practice to kill open processes in
/etc/rc.shutdown

- public/private key identification via PuTTY/ssh. You could then use stock
sftp instead of pure-ftpd.
For a client side GUI, check gftp

- adding users: /etc/passwd can easily become un-manageable if there is a large amount of users to create. Better check for (stock) ldap, yp (Yellow Pages).

IMVHO

----
edit:
as OpenBSD has no trap command in the default,
must try to figure out how to catch the ctrl+c in a loop,
or use BASH.
__________________
da more I know I know I know nuttin'

Last edited by lvlamb; 27th June 2008 at 03:26 PM.
Reply With Quote
  #5   (View Single Post)  
Old 28th June 2008
ai-danno's Avatar
ai-danno ai-danno is offline
Spam Deminer
 
Join Date: May 2008
Location: Boca Raton, Florida
Posts: 284
Thanked 35 Times in 31 Posts
Default

Ok so the OP is stating that because those "junior admins" that he may unleash on the box may not have the capabilities to learn and properly run the proper commands for proper administration, the OP wants to not only learn how to place the right configuration-setting script in place for the said "junior admin", but also know how to properly write the proposed script by learning a scripting language.

I will say this, and while this sounds a little harsh it's not meant to be (just cutting to the chase as they say), you are underestimating the difference between teaching someone how to do a minimal amount of proper user-configuration-administration, and learning how to program. I think, while you may be decent as some forms of shell scripting, learning something like PERL to the degree that you will need to learn it to effectuate the type of script you desire is harder than you think. Worse, it does nothing for your organization in terms of teaching them proper administration skills- it horse-blinds them into your one-off script. If the script breaks or you aren't available, your organization is left scratching it's collective head.

In an hour of properly pre-documented training, you can teach said "junior admins" to do what you want them to do, and skip the whole "learning a language" part and get on with your life. Then, if you are still interested in learning to program (let's say in PERL, which would be perfect for the task you state) you can go and do that and have a nice sample task with which to help teach yourself. And then you won't be (to use another cliche) be putting the cart before the horse.

If you are not thinking that this advice is good for you, that's fine. I would then suggest that after learning a scripting language and creating the superscriptiness you desire, you place said launching of script into the .profile of the user account that the junior admin will use to get this work done... whenever the admin logs in, the script executes. But again, teaching them I think is a better path for all involved.
__________________
Network Firefighter
Reply With Quote
  #6   (View Single Post)  
Old 28th June 2008
ephemera's Avatar
ephemera ephemera is offline
Knuth's homeboy
 
Join Date: Apr 2008
Posts: 537
Thanked 49 Times in 43 Posts
Default

Quote:
Originally Posted by EvilMonkeySlayer View Post
I've had an idea to both make my life a bit more simpler and possibly offload the work to someone else. I have seen in the past that upon login on a console a bash script (or some kind of shell script) can run upon immediate login.

My plan is to create an interactive script that can create, modify and delete users purely from simple selections, for example this would appear upon connection:
you can create a shell script that does this and replace the login shell for the user(s) with this script in /etc/passwd.
here's an outline of what it might look like:
Code:
#!/bin/sh

trap    ':'     INT QUIT TSTP

printf 'Welcome to the bla FTP server, please make your selection:\n'
while true ; do
cat << END

1) Create user
2) Modify user
3) Delete user
4) Logout
END
        printf 'Choice? '
        read ch
        case $ch in
        1)      printf 'Enter username to create: '
                read user
                # command to create $user
                [ $? -eq 0 ] && printf "User \"$user\" was created Successfully.\n"
                ;;
        2)      # like above
                ;;
        3)      # like above
                ;;
        4)      exit
                ;;
        esac
done
note: this is only for the convinience of parametric users and not security.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
tmux disable automatic resize Carpetsmoker General software and network 7 25th June 2009 10:54 PM
Login automatically map7 FreeBSD General 1 12th October 2008 11:09 PM
How to set up ssh login cssgalactic FreeBSD General 12 28th June 2008 06:00 PM
Automatic Mount for Devices/Filesystems vermaden FreeBSD General 11 12th June 2008 04:55 AM
Automatic Thread Subscription When Posting? JMJ_coder Feedback and Suggestions 6 6th May 2008 03:20 AM


All times are GMT. The time now is 09:08 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick