Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!ut-emx!walt.cc.utexas.edu!erlkonig From: erlkonig@walt.cc.utexas.edu (Christopher North-Keys) Newsgroups: comp.unix.wizards Subject: Special tasks at login [was Re: Automatic login script execution] Keywords: login Message-ID: <28003@ut-emx.UUCP> Date: 11 Apr 90 05:07:39 GMT References: <4147@uceng.UC.EDU> <262284c4.2013@petunia.CalPoly.EDU> Sender: news@ut-emx.UUCP Reply-To: erlkonig@walt.cc.utexas.edu (Christopher North-Keys) Organization: Packaging/Interconnect, M.C.C. Lines: 76 THE FOLLOWING CONTAINS A REASONABLY TIDY, BUT TOTALLY UNSUPPORTED HACK TO THE SYSTEM LOGIN COMMAND. SINCE NO SYSTEM'S CONFIGURATION CAN BE FULLY ANTICIPATED, NOTE THAT EVEN DOING THE BELOW CORRECTLY MAY DISABLE ALL LOGINS TO YOUR SYSTEM, OR WORSE. IT MIGHT BE GOOD TO HAVE INSTALLATION TAPES ON HAND WHILE EXPERIMENTING... schriste@uceng.UC.EDU (Steven V. Christensen) writes: > Can anyone point me to a login.c replacement ... when looking for a way to have a notice, etc., read by all users. Steve and several of those replying immediately began discussing /etc/motd, ~/.cshrc, /etc/cshrc, ~/.profile, etc. None of these remotely answer the problem. A user can turn off /etc/motd viewing for him/herself with ~/.hushlogin, and the various startup scripts only apply to their specific interpreters, most of which have a different syntax. (Do *you* know the command syntax for the "ish" shell? No, I don't either...) What is needed is a way to specify a *program* for login to run as each user logs in. Currently on /usr/ucb/quota appears to be used this way. So... backup your login program and do the following (after backup it up): (Have you backed up your login first?) Whip out your GNUEmacs or other binary-capable editor; note that this generally does *not* include VI. Load in the login program *executable* for editing. Notice the /usr/ucb/quota string with the binary. This string is the argument to a call to run another program. Warnings: Do NOT alter the length of the binary. Do NOT try to replace /usr/ucb/quota with a longer pathname. Do NOT put in a path to a script, it would be *very* insecure. Replace the existing path with the new path of the same length or less, padding any leftover space with zeros. Be very careful to exactly match the length of the original path with the sum of the new pathlength and trailing zeros. A program path like /usr/etc/logex might be appropriate (this assumes that the path /usr/ucb/quota was actually used on your system; BE WARNED). The resulting file, once saved, will contain a hook which can be filled with virtually any utility. Examples: A program putting up a banner from a network-wide file, in addition to the local /etc/motd (Steve's problem). A program performing additional accounting or administrative tasks. A program to notify an administrator in real time of the login, or other security-related job. Additional check: compare the sizes of the original and new login executables with "wc" or equivalent. They must be equal. Be particularly careful of creating new security holes. as login is usually set-UID root. Thus no user should be able to effect the added program's activity. ------ It would have been nice if login read a file on startup for additional administrative programs to run, instead of hard-wiring /usr/ucb/quotas. Good luck. Don't screw up and lock yourself out of your system. Remember you can test the new one by executing it by ./login or the equivalent (csh traps the simple token "login". and performs an exec.) Don't install it carelessly. ------------------------------------/\---------------------------------------- Seo: Harp[@Mcc.Com] / \/\ ^*^ Christopher North-Keys Tha mi gu trang a'cluich. / \ \ Assoc. Systems Analyst, MCC --------------------------------(disclaimer)----------------------------------