Options

Automatic launching of a script upon login (OpenBSD) Help me figure this out

GrimReaperGrimReaper Registered User regular
Okay, i've been mulling about an idea ever since I got works new FTP server up and running.

Currently, here's how it works:

I have the ftp server running with virtual users as a security precaution, this is running pure-ftpd on top of OpenBSD. At the moment all user management is done by me, so creation, modifying etc. All me.

I've had an idea to both make my life a bit more simpler and possibly offload the work to someone else. I have seen in the past that upon login on a console a bash script (or some kind of shell script) can run upon immediate login.

My plan is to create an interactive script that can create, modify and delete users purely from simple selections, for example this would appear upon connection:
Welcome to the bla FTP server, please make your selection:

1) Create user
2) Modify user
3) Delete user
4) Logout

Upon entering a number and pressing enter it goes through further menus to do this like change passwords, entering user names etc. (essentially the script passes the commands like "pure-pw useradd %username% -u ftpuser -d %homedir%")

Here's my plan as I see it, I need to do the following:
  • Figure out how to do automatic login via putty with public/private key authentication (this is especially important if I offload the work to someone else)
  • Create a (super?)user specifically for this task, I don't want it to have full root capabilities. Just enough for pure-ftpd.
  • Learn a command line scripting language
  • Figure out how to get it to launch the script immediately upon connection
  • Disable users ability to ctrl-c out, if they ctrl-c I don't want it going to the command line but to immediately logout. In other words no shell access.

I'm open to suggestions on how to approach this. Any ideas on what I should be reading up on?

PSN | Steam
---
I've got a spare copy of Portal, if anyone wants it message me.
GrimReaper on

Posts

  • Options
    ZetxZetx 🐧 Registered User regular
    edited June 2008
    I think if you're using the bash shell, it has a nice scripting language (sorry no BSD experience, just linux >_>) and maybe you could set the user's shell to be the script itself?

    I've been on Windows for awhile now so I can't remember everything :\ (Also I think you might be able to put enough parameters into a putty shortcut to let it autologin (though it'd be in the shortcut which is a bit of a security risk, but that depends on whether you have the password in it or not...) I know you can do putty.exe youripordomainhere.com so maybe you can take a user@ or user:pass@ in front of the domain...

    Hope that helps!

    Zetx on
  • Options
    GrimReaperGrimReaper Registered User regular
    edited June 2008
    Zetx wrote: »
    I think if you're using the bash shell, it has a nice scripting language (sorry no BSD experience, just linux >_>) and maybe you could set the user's shell to be the script itself?

    I've been on Windows for awhile now so I can't remember everything :\ (Also I think you might be able to put enough parameters into a putty shortcut to let it autologin (though it'd be in the shortcut which is a bit of a security risk, but that depends on whether you have the password in it or not...) I know you can do putty.exe youripordomainhere.com so maybe you can take a user@ or user:pass@ in front of the domain...

    Hope that helps!

    Well, I figured out how to do auto-login using public/private key authentication. I used puttygen to generate a key, copied the public key to the users .ssh/authorised_keys file, chmod'd the .ssh directory and authorized_keys file. Then I went into putty, under connection/data input the users name under "Auto-login username" then went into connection/ssh/auth and selected the private key file (.ppk) that was generated by puttygen for "Private key file for authentication".
    I can now get it to login automatically without any user interaction as long as that user has the private key file.

    About the setting the users shell to the script, that's what I was thinking. I've not really ventured into that territory before.
    My current shell selections from openbsd adduser: csh false ksh nologin sh

    No prizes for guessing what false and nologin are.

    GrimReaper on
    PSN | Steam
    ---
    I've got a spare copy of Portal, if anyone wants it message me.
  • Options
    ZetxZetx 🐧 Registered User regular
    edited June 2008
    Hm, I wonder if you can run a bash script if the user isn't logged into the bash shell :|

    Zetx on
Sign In or Register to comment.