Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Kill User

by Octavian (Monk)
on Oct 30, 2000 at 21:10 UTC ( [id://39131]=sourcecode: print w/replies, xml ) Need Help??
Category: Utilities
Author/Contact Info Octavian
Description: This is a program I wrote when I needed to come up with a way to quickly disable someone for whatever reason, and prevent them from being able to log on, it kills everything that they are running...and it keeps running until killed, so even when they try to log back on it kills them again. This was written on a HP10.20 machine, but it should work on any system that has fuser. 
#!/usr/local/bin/perl

$target = shift(@ARGV);

do{
@users = `finger`;

foreach $line(@users)
{
  if(grep(/$target/,$line))
  {
    @rec = split(/\s+/,$line);
    $rec[3] =~ s/\*//;
    if(grep(/\D/,$rec[3]))
    {
      if(grep(/dtr/,$rec[3]))
      {
        next;
      }
      elsif(grep(/con/,$rec[3]))
      {
        `/usr/sbin/fuser -k /dev/console`;
      }
      else
      {
        `/usr/sbin/fuser -k /dev/tty$rec[3]`;
      }
    }
    else
    {
     if(grep(/dtr/,$rec[3]))
      {
        next;
      }
      else
      {
      `/usr/sbin/fuser -k /dev/pts/$rec[3]`;
      }
    }
  }
}
sleep 2;
} until $done eq "done";
Replies are listed 'Best First'.
RE: Kill User
by Fastolfe (Vicar) on Oct 30, 2000 at 21:25 UTC
    You may be interested in the =~ m// operation instead of grep. I'd also use $_ to simplify other stuff: 
    foreach (@users) {
   if (/$target/) {
      $rec = (split)[3];
      if ($rec =~ /\D/) {
         next if $rec =~ /dtr/;
... etc

    [download]
    Though mainly this is just a style thing.

    In addition, your outermost else block seems weird. The first test in the block is for /dtr/, which should never be true, since your outer test is for /\D/, or non-digits, which would have matched already.

    When is $done set? use strict; would have alerted you that this is only used once in your code. Your script seems to be an infinite loop.

    Also, a security note: if your PATH has been modified at all to cause you to run a different 'finger' than usual, or if someone is able to mangle their finger information so as to put arbitrary text on the 4th field, your `/usr/sbin/fuser -k /dev/tty$rec[3]` statement could potentially execute arbitrary code. As root, this could be a very bad thing. Consider perlsec and running with taint-checking enabled.

    I don't mean for this to be a critique of your code.. I just feel you might be interested. :)

[reply]
[d/l]
[select]
      finally someone who doesnt beat up on me ;) yes, it is meant to be an infinite loop, so if they try to log on again, it is still "hunting" them, this program was actually written very quickly during one of my "perl wars" with another sysadmin, in an attempt to get him off the system before he did something to me. I have never been to a perl class or anything of the sort, so to be honest, I have never heard of the strict command or seen it used. so that would explain why I didnt use that or used the system calls. my code should be improving now cause of this page ;)
[reply]
        In that case, this site should help you immensely. Good luck.
[reply]
RE: Kill User
by merlyn (Sage) on Oct 30, 2000 at 21:13 UTC
    Please don't use backquotes in a void context. You'll want 
    system "/usr/bin/fuser", "-k", "/dev/pts/$rec[3]";

    [download]
    for example.

    Backquotes in a void context do more work than needed, and keep you from seeing output of the commands and keep you from interacting with the command if needed.

    -- Randal L. Schwartz, Perl hacker

[reply]
[d/l]
RE: Kill User
by AgentM (Curate) on Oct 30, 2000 at 21:19 UTC
    Hmmm...seems overly complicated. I could compact this into two shell lines:
    1. kill user's current ps list
    2. add entry into /etc/.notelnet (or whatever it's called on your system)
    Running this as a fake daemon is wasteful. Polling for results is wasteful in most situations, anyway.
    AgentM Systems nor Nasca Enterprises nor Bone::Easy nor Macperl is responsible for the comments made by AgentM. Remember, you can build any logical system with NOR.
[reply]
      I used fuser because I was told it was safer to use on peoples programs than just doing a straight kill on them..something to do with hanging CDE or something. And it is never used as a daemon I just ran it, and when done, I hit control - c to break out.
[reply]
        But the user still has a small window of time to do something we he logs in. You must run this script in an infinite loop as Fastolfe mentioned, POLLING, no worse, and grepping something. If CDE was hanging with SIGKILL, then you should have tried a different signal, perhaps SIGQUIT. You have to run this wasteful script for as long as you want to block the user. I can imagine that this script is eating an unusual amount of processing time when all you need to do is block them from telnetting in, not killing their processes when you see one. This is very inefficient and unsafe code.
        AgentM Systems nor Nasca Enterprises nor Bone::Easy nor Macperl is responsible for the comments made by AgentM. Remember, you can build any logical system with NOR.
[reply]

Back to Code Catacombs

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: sourcecode [id://39131]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having a coffee break in the Monastery: (3)
As of 2025-11-17 01:18 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    What's your view on AI coding assistants?





    Results (72 votes). Check out past polls.
    Notices?
    hippoepoptai's answer Re: how do I set a cookie and redirect was blessed by hippo!
    erzuuliAnonymous Monks are no longer allowed to use Super Search, due to an excessive use of this resource by robots.