我是linux的新手,对新手问题感到抱歉.
我有一个功课额外的信用问题,我试图做,但未能得到它.
Q. Write a security shell script that logs the following information
for every process: User ID,time started,time ended (0 if process is
still running),whether the process has tried to access a secure file
(stored as either yes or no) The log created is called
process_security_log where each of the above pieces of information is
stored on a separate line and each entry follows immediately (that is,
there are no blank lines). Write a shell script that will examine
this log and output the User ID of any process that is still running
that has tried to access a secure file.
我开始尝试捕获用户并回显它但失败了.
output=`ps -ef | grep [*]`
set -- $output
User=$1
echo $User
您需要像auditd,SELinux或直接内核黑客(即fork.c)这样的东西来在安全日志记录领域中远程执行任何操作.
更新
其他人提出了使用shell命令日志记录,ps和朋友(proc或sysfs)的建议.它们可能很有用,并且确实有它们的位置(显然).我认为不应该为此目的而依赖它们,特别是在教育背景下.
… whether the process has tried to access a secure file (stored as either yes or no)
似乎是其他答案忽略的那个.我坚持原来的答案,但丹尼尔指出,还有其他有趣的方法来装饰这些数据.
对于教育练习,这些工具将有助于提供更完整的答案.
linux常用进程通信方式包括管道(pipe)、有名管道(FIFO)、...
Linux性能观测工具按类别可分为系统级别和进程级别,系统级别...
本文包含作者工作中常用到的一些命令,用于诊断网络、磁盘占满...
linux的平均负载表示运行态和就绪态及不可中断状态(正在io)的...
CPU上下文频繁切换会导致系统性能下降,切换分为进程切换、线...