Wednesday, July 8, 2009

Script - kill all users except root via 'skill'

Eventually you'll get to the point where you need a script that just kicks all the users off except the 'root' account (provided you're logged in as root or su).

This script:

checks to see that the user running the script is 'root'
does a 'w' listing (shows who's currently logged on) and an inverted grep '-v' to find the users
kills off the user accounts with 'skill'

(Enter other account exceptions in place of 'anyotheruser' in the script; it was shown in bold in the original post)

----------------------------------------------------------
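#!/bin/bash
# logoffeveryone.sh
# Written by Andrew Elliott, 9-APR-2009
#

USER_LOG=/root/loggedonusers.txt
ROOT_UID=0

# Refuse to run unless we are root
if [ "$UID" -ne "$ROOT_UID" ]
then
    echo "Must be root to run this script!"
    exit 1
fi

cd /root || exit 1

echo "-----------------------------" > "$USER_LOG"

# 'w -h' omits the two header lines, 'sort -u' lists each user once, and
# 'grep -vx' excludes exact names only (plain 'grep -v root' would also
# spare any account whose name merely contains "root")
w -h | cut -f 1 -d " " | sort -u | grep -vx 'root' | grep -vx 'anyotheruser' | while read -r TEMP1
do
    echo "Logging off user: $TEMP1"
    skill -KILL -u "$TEMP1"
done

exit 0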
----------------------------------------------------------

Script - Remove files older than 1 day from /root

A quick bash script that I wrote that does the following:

Checks to see if the user is root (good to do with all your scripts if you 'sudo')
finds all files older than 1 day (-ctime +1)
deletes the files
sends an email to 'root' with a small report of the deleted files

(The NUMB - 3 calculates the number of files deleted: there are 3 header lines in the report.)
(The 'searchtermhere' grep, shown in bold in the original post, lets you specify which file formats to delete...*.csv in my case...)

------------------------------------------
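#!/bin/bash
# rmroottemp.sh
# Written by Andrew Elliott, 20-feb-2009
#

RM_LOG=/root/rmroottemplog.txt
ROOT_UID=0

# Refuse to run unless we are root
if [ "$UID" -ne "$ROOT_UID" ]
then
    echo "Must be root to run this script!"
    exit 1
fi

cd /root || exit 1

# Three header lines; they are subtracted again below when counting files
echo "-----------------------------" > "$RM_LOG"
echo "Report for files removed from /root" >> "$RM_LOG"
echo "-----------------------------" >> "$RM_LOG"

# GNU find warns unless -maxdepth precedes the tests. Names are read and
# passed quoted so that spaces in a file name cannot become extra
# arguments to 'rm -rf'.
find /root -maxdepth 1 -ctime +1 | grep 'searchtermhere' | while IFS= read -r TEMP1
do
    echo "$TEMP1" >> "$RM_LOG"
    rm -rf -- "$TEMP1"
done

# Lines in the report minus the 3 header lines = number of files deleted
NUMB=$(wc -l < "$RM_LOG")
NUMB=$((NUMB - 3))
/bin/mail -s "Root temp file cleanup $NUMB files deleted" root < "$RM_LOG"
rm -f "$RM_LOG"
exit 0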
------------------------------------------

Tuesday, July 7, 2009

Need Samba to work RIGHT NOW!? - Open Access smb.conf

"Open Access?? Are you crazy? What about security concerns?!"

Obviously I would not recommend this Samba configuration to anyone BUT home users...and even that is a stretch with today's trojans, viruses and backdoors. If you're only going to share out music, video and pictures like me...well, what's the big deal?

I hate entering passwords at home!...especially after you've been into the wacky tobaccy with your buddies and just want to show off your new MythTV setup and get on with the viewing of "Cheech and Chong's Up in Smoke" or "A Clockwork Orange"!

Here's an open configuration for Samba:

(security disclaimer: If you use this configuration file, I'm not liable...etc, etc, blah blah...you know the scoop)

----------------------------------------
/etc/samba/smb.conf
----------------------------------------
[global]

workgroup = MSHOME
server string = %h server (Samba, Ubuntu)
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = share
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = no
guest account = nobody
invalid users = root
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
socket options = TCP_NODELAY

wins support = no
[printers]
comment = All Printers
browseable = no
path = /tmp
printable = yes
public = no
writable = no
create mode = 0700

[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no

[video]
path = /mnt/vidmnt/Video
browsable = yes
public = yes
guest ok = yes
guest only = yes
guest account = nobody
writable = yes

[music]
path = /mnt/vidmnt/Music
browsable = yes
public = yes
guest ok = yes
guest only = yes
guest account = nobody
writable = yes

[pictures]
path = /mnt/vidmnt/Pictures/
browsable = yes
public = yes
guest ok = yes
guest only = yes
guest account = nobody
writable = yes
----------------------------------------

This configuration assumes that your home workgroup is named 'MSHOME'. If you can't browse it from a Windows workstation, a different workgroup name is probably the cause. The TCP_NODELAY socket option has been added to speed up access on your local network.
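
As an added example (not part of the original post or its configuration), the script below checks an smb.conf for the combination this file uses on [video], [music] and [pictures]: guest access together with write access. The function names and the sample input are constructed for illustration, and only per-share settings are read.

```shell
#!/bin/bash
# Added example, not from the original post. Lists shares that are both
# guest-accessible and writable. Assumption: only per-share settings are read;
# [global] defaults and 'include' files are ignored.

audit_guest_writable() {
    awk '
    function truthy(v) { v = tolower(v); return (v == "yes" || v == "true" || v == "1") }
    function report()  { if (share != "" && guest && writable) print share }
    /^[ \t]*[#;]/ { next }                      # comment line
    /^[ \t]*\[/ {                               # section header starts a new share
        report()
        share = $0
        sub(/^[ \t]*\[/, "", share); sub(/\].*$/, "", share)
        if (tolower(share) == "global") share = ""
        guest = 0; writable = 0                 # Samba defaults: guest ok = no, read only = yes
        next
    }
    /=/ {
        key = tolower(substr($0, 1, index($0, "=") - 1))
        val = substr($0, index($0, "=") + 1)
        gsub(/[ \t]/, "", key)                  # Samba ignores spaces inside parameter names
        gsub(/^[ \t]+|[ \t\r]+$/, "", val)
        if (key == "guestok" || key == "public") guest = truthy(val)
        else if (key == "writable" || key == "writeable" || key == "writeok") writable = truthy(val)
        else if (key == "readonly") writable = !truthy(val)
    }
    END { report() }
    ' "$@"
}

# Constructed sample modelled on the shares in the post
sample_conf() {
cat <<'EOF'
[global]
security = share
[print$]
read only = yes
guest ok = no
[video]
public = yes
writable = yes
[music]
guest ok = yes
read only = yes
EOF
}

sample_conf | audit_guest_writable    # prints: video
```

Run it against a real file with `audit_guest_writable /etc/samba/smb.conf`. On Samba 4 and later `security = share` is no longer accepted, so guest access there depends on `map to guest` together with these per-share settings.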

I believe that most Samba configurations are done through the web interface these days...but I'm more of a Linux command-line purist: I love vi. Not because it's easy...but because it isn't!

This file is available via 'wget' and should work with most distributions:

cd /etc/samba
cp /etc/samba/smb.conf /etc/samba/smb.backup.conf
wget http://interslice.dnsalias.com/smb.conf

If you need to restart samba:

'/etc/init.d/samba restart'

Here's the official HOW-TO collection, straight from the horse's mouth:

http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/

Andrew.

Monday, July 6, 2009

Hello World!...This is my cynical view...



"Oh crap, not the 'hello world' thing again..."

If I had a penny for every time someone signed up for a twitter or blogger account and their only post was "hello world", I would be a rich, rich man!

...Unfortunately for my critics, this is not the case and I'm just as poor as the rest of the upper-middle class. I have to cut costs and fees anywhere I can, just to put bird seed on the table...and at the end of the day, I have more money than you!

Why? I have a 'secret'...A "better way" if you will...(in the Agent Smith voice in the Matrix)

"A secret?...hmm...do go on.."

I pay $2.50 a month for my phone. How? Asterisk: the open-source VOIP platform that runs on Linux. I connect directly via the IAX2 protocol to Unlimitel wholesale VOIP which connects to the public switched telephone network (PSTN). This solution requires NO SOFTWARE LICENSING WHATSOEVER.

"Whatever...we all know that EVERY PBX needs licenses...Avaya, Nortel...take your pick...how is it we have not heard about this Asterisk before?"

You haven't heard as much about Asterisk because the executives in your corporation can't buy stock in it...and if they can't make money off their decisions, why would they promote it? After all, they only make 6 figures a year...how are they supposed to send 2 kids to an Ivy league school on THAT salary?!

It's true though. In these tough times the rich keep getting richer. Sure, they could have recommended Open-source solutions and saved MILLIONS in licensing costs and KEPT all those tech jobs in North America rather than outsourcing to India...

Think about that...Think about the impact on your local economy if all those outsourced technical jobs were still here...cars, houses, food...Simply by having a few executives select Open-Source over a big-name proprietary solution...It's the small ripple that could potentially turn into a tidal wave and right the sinking ship that is our economy!

I suppose some of them could have chosen Open-Source when they had the chance...but that wouldn't have put any more Rupees in their silk-lined pockets...

IT Executives, make yourselves look good: Choose Open-Source!

(More on exactly how I did this in an upcoming blog post)

Open-Source VOIP

http://www.asterisk.org/
http://www.trixbox.org/
http://www.freepbx.org/
http://www.unlimitel.ca/