From owner-freebsd-questions@FreeBSD.ORG Sun Feb 7 15:21:37 2010 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E8F54106568F for ; Sun, 7 Feb 2010 15:21:37 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14]) by mx1.freebsd.org (Postfix) with ESMTP id ABF278FC13 for ; Sun, 7 Feb 2010 15:21:37 +0000 (UTC) Received: from r55.edvax.de (port-92-195-104-232.dynamic.qsc.de [92.195.104.232]) by mx02.qsc.de (Postfix) with ESMTP id 112FA23A5E; Sun, 7 Feb 2010 16:21:35 +0100 (CET) Received: from r55.edvax.de (localhost [127.0.0.1]) by r55.edvax.de (8.14.2/8.14.2) with SMTP id o17FLZc7001544; Sun, 7 Feb 2010 16:21:35 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Sun, 7 Feb 2010 16:21:35 +0100 From: Polytropon To: Erik Norgaard Message-Id: <20100207162135.29d13699.freebsd@edvax.de> In-Reply-To: <4B6E0F66.4060707@locolomo.org> References: <4B6E0F66.4060707@locolomo.org> Organization: EDVAX X-Mailer: Sylpheed 2.4.7 (GTK+ 2.12.1; i386-portbld-freebsd7.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: questions@freebsd.org Subject: Re: Howto run privileged commands on login/logout X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Feb 2010 15:21:38 -0000 On Sun, 07 Feb 2010 01:55:02 +0100, Erik Norgaard wrote: > Hi: > > I'm playing around with diskless operation. I'd like to be able to run > privileged commands when a user logins or logs out: You can handle this in two ways: a) On a per-user basis, you can use the user's ~/.login and ~/.logout files; those are corresponding to the C Shell, and assuming that csh is the dialog shell for the user. b) On an all-users basis, you can use /etc/csh.login and /etc/csh.logout to have all users perform the commands you want to run. > - on login, nfs mount the user's home directory (ok, not critical, I can > mount /home) As it has already been mentioned, it is easy to use amd and / or automounter tool for that. > - on logout a system reboot to clean up any temporary files left from > the session. A system reboot? To clean up temporary files? Caused by an "ordinary" user? Excuse me, Sir, what strange country are you from? :-) Honestly, that's not neccessary. If you want to make sure that all temporary files belonging to a specific user are deleted upon user logout, you can simply let him do it by his ~/.logout script, e. g. using "rm -rf /tmp"; this might sound very violent, but it will only delete the user's files from the /tmp subtree. There are very few occassions you HAVE to reboot a BSD machine. Cleaning temporary files is *not* one of them, especially if you don't have clear_tmp_enable set to "YES" in /etc/rc.conf. If temporary files are left in other directories you know of, you can clean them as well. > Is this possible, without messing arround with sudo or adding users to > wheel or operator groups? Of course. You can edit the permissions for the programs you explicitely want to allow "ordinary" users to run, e. g. the /sbin/shutdown binary. A sidenote: If we're talking about X, the GiveConsole and TakeConsole in /usr/local/lib/X11/xdm/ can be used. Those are shell scripts that allow chown'ing and chmod'ing files to specific users, as well as other things. I know that a problem may occur when multiple users log in. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...