Dear Gurus,
I asked:
> how can I find out the userid, that
> executed the "su -" command.
Thanks to all who answered my question, too many to list the names. As
usual, I learned a lot :)
/var/adm/sialog (touch that file if it does not exist)
/var/adm/syslog.dated/*/auth.log
|
most recent date here (probably)
Bruce Hines <Bruce.Hines_at_mci.com>:
ps -o user -p $PPID
-if you are using ksh
Jim Smart <jim_at_tsw.com.au> sent me an example of how to find it out
with ps commands:
8< ---------------- JS -------------------- >8
The first one gets the tty associated
# ps -ef | grep s_up
root 14459 24343 0.0 19:57:54 ttya1 0:00.01 grep s_up
root 30751 6881 0.0 Oct 10 ttypG 0:00.25 sh
This one gets everything associated with the device, most of the time.
# ps -ft ttypG
UID PID PPID C STIME TTY TIME CMD
jim 3730 819 0.0 Oct 06 ttypG 0:00.07 -sh (sh)
root 6881 18103 0.0 Oct 06 ttypG 0:05.49 bash
jim 16159 3730 0.0 Oct 06 ttypG 0:00.10 bash
root 18103 16159 0.0 Oct 06 ttypG 0:00.03 -sh (sh)
root 18195 30751 0.0 19:15:28 ttypG 0:00.01 sleep 3600
root 30751 6881 0.0 Oct 10 ttypG 0:00.25 sh
/usr/local/bin/jims
#
So in this case , it was me !
You can trace what is happening by using the PID fields. In order ...
<user> <PID> <ParentPID>
So I logged in as jim, bash'ed, su'ed to root, bash'ed, ran a script
and the script is currently sleeping for 3600 seconds
8< ---------------- JS -------------------- >8
I decided to write a small c-program that did what I want:
8< ---------------- cut here -------------------- >8
#include <unistd.h>
#include <stdio.h>
main()
{
printf( "%s\n", getlogin());
}
8< ---------------- cut here -------------------- >8
Thanks once more to all who respondet.
Gerhard
--
Gerhard Nolte
Email: gnolte_at_gwdg.de Voice: +49-551-5176-716 Fax: +49-551-5176-704
MPI fuer Stroemungsforschung, Bunsenstr. 10, 37073 Goettingen, Germany
Received on Tue Oct 13 1998 - 08:35:43 NZDT