Scripts

shell-script-pt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Scripts

From:	Lucio Rene Souza Cunha
Subject:	Scripts
Date:	Thu, 27 Sep 2001 08:57:45 -0300
User-agent:	Mozilla/5.0 (X11; U; Linux 2.2.19pre17 i586; en-US; m18) Gecko/20001103

pessoall,

tenho que automatizar um processo de ttysnoop, como ottysnoop necessita de uid 0 tive que fazer o script abaixo com suid root( mesmo sabendo das vulnerabilidades).

O problema é que quando esse script chama o /sbin/ttysnoop o programattysnoop come 99% de processamento, existe algo no codigo que estejaocasionando issu?


bom o ttysnoop rodando normalmente  nao chega 2% de processamento da maquina

fiz um script rodando /sbin/ttysnoop ttyp$1 e ele mantem suaspropriedades normais.


>> Script comedor de memoria :P <<

dia=`/bin/date "+%H:%M_%d-%m-%Y"`
hst=`/bin/echo "$REMOTEHOST"`
tty=`/usr/bin/tty | /usr/bin/cut -c6-10`
lend=` /usr/bin/who -l | /bin/grep $tty  `
cinf=`/bin/echo $dia $hst`
/bin/echo $cinf  | /bin/mail -s dgtbfScript address@hidden
ffile=`who -l | grep $tty | cut -c23- | tr -d " " | tr -d \( | tr -d \) `
/sbin/ttysnoop $tty > /tmp/logs/l$ffile &
"alias" ls="/bin/ls --color=no"

--EOF

e o ltrace me voltou o seguinte:


<... select resumed> )                            = 1
read(0,  <unfinished ...>
event: syscall (3)
SYS_read(0,  <unfinished ...>
event: sysret (3)
<... SYS_read resumed> "", 256)                   = 0
<... read resumed> "", 256)                       = 0
write(3, "", 0 <unfinished ...>
event: syscall (4)
SYS_write(3, "", 0 <unfinished ...>
event: sysret (4)
<... SYS_write resumed> )                         = 0
<... write resumed> )                             = 0
select(4, 0xbffffa60, 0, 0, 0 <unfinished ...>
event: syscall (142)
SYS__newselect(4, 0xbffffa60, 0, 0, 0 <unfinished ...>
event: sysret (142)
<... SYS__newselect resumed> )                    = 1
<... select resumed> )                            = 1
read(0,  <unfinished ...>
event: syscall (3)
SYS_read(0,  <unfinished ...>
event: sysret (3)
<... SYS_read resumed> "", 256)                   = 0
<... read resumed> "", 256)                       = 0
write(3, "", 0 <unfinished ...>
event: syscall (4)
SYS_write(3, "", 0 <unfinished ...>
event: sysret (4)
<... SYS_write resumed> )                         = 0
<... write resumed> )                             = 0
select(4, 0xbffffa60, 0, 0, 0 <unfinished ...>
event: syscall (142)
SYS__newselect(4, 0xbffffa60, 0, 0, 0 <unfinished ...>
event: sysret (142)
<... SYS__newselect resumed> )                    = 1
<... select resumed> )                            = 1
read(0,  <unfinished ...>
event: syscall (3)
SYS_read(0,  <unfinished ...>
event: sysret (3)
<... SYS_read resumed> "", 256)                   = 0
<... read resumed> "", 256)                       = 0
write(3, "", 0 <unfinished ...>
event: syscall (4)
SYS_write(3, "", 0 <unfinished ...>
event: sysret (4)



entao eu soh tenho a dizer:
HELP ME!!!
:)

[]'z

[Prev in Thread]

Current Thread

[Next in Thread]

Scripts, Lucio Rene Souza Cunha <=

Prev by Date: Shell Script
Next by Date: Ordenar arquivo
Previous by thread: Shell Script
Next by thread: Ordenar arquivo
Index(es):
- Date
- Thread