* ZSH Local or Remote?
@ 2005-11-27 20:20 Steven Klass
2005-11-27 21:02 ` Brian K. White
0 siblings, 1 reply; 3+ messages in thread
From: Steven Klass @ 2005-11-27 20:20 UTC (permalink / raw)
To: zsh-users
Hi all,
Does anyone have a nice slick function to determine whether the
machine you are logged on to is local or remote? Basically you will
get the tty of the current shell and grep for this in who or pinky.
If you get :[0-9] you must be local.
Clearly this isn't bullet proof but I was wondering if any of you
had a really slick way of figuring this out..
Why you ask? If I am locally logged in I want to run keychain. If a
person is remote AND the machine is a trusted_machine I want to run
keychain. Otherwise don't...
Keep in mind this needs to run multiplatform - so be carefull which
command you use..
---
Steven Klass
sklass@pointcircle.com
(480) 988-5657
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: ZSH Local or Remote?
2005-11-27 20:20 ZSH Local or Remote? Steven Klass
@ 2005-11-27 21:02 ` Brian K. White
2005-11-27 21:34 ` Brian K. White
0 siblings, 1 reply; 3+ messages in thread
From: Brian K. White @ 2005-11-27 21:02 UTC (permalink / raw)
To: zsh-users
----- Original Message -----
From: "Steven Klass" <sklass@pointcircle.com>
To: "zsh-users" <zsh-users@sunsite.dk>
Sent: Sunday, November 27, 2005 3:20 PM
Subject: ZSH Local or Remote?
> Hi all,
>
> Does anyone have a nice slick function to determine whether the machine
> you are logged on to is local or remote? Basically you will get the tty
> of the current shell and grep for this in who or pinky. If you get
> :[0-9] you must be local.
>
> Clearly this isn't bullet proof but I was wondering if any of you had a
> really slick way of figuring this out..
>
> Why you ask? If I am locally logged in I want to run keychain. If a
> person is remote AND the machine is a trusted_machine I want to run
> keychain. Otherwise don't...
>
> Keep in mind this needs to run multiplatform - so be carefull which
> command you use..
I have something like that but it's not especially slick.
I have for example a case statement for what command line args and how to
parse the output of the who command.
And it's in the form of 2 seperate scripts. tellip and amilocal
------------------
#!/bin/ksh
#
# tellip - "Tell IP"
# prints the IP or Hostname that the user is connecting from.
# mostly used in other scripts to determine non-static addresses.
#
# can be run on SCO, Linux, FreeBSD
#
# Brian K White - brian@aljex.com - Aljex Software
# facetwin screws up "who" so try to use facetwin variable instead.
[ -n "${FACETWINIPADDR}" ] && { echo "${FACETWINIPADDR}" ; exit ; }
# "who" tries to show hostname but chops long names, try to use ssh
variable.
[ -n "${SSH_CLIENT}" ] && { echo "${SSH_CLIENT}" |awk '{print $1}' ; exit
; }
case `uname -s` in
Linux) who -m |cut -d\( -f2 |cut -d\) -f1 ;;
FreeBSD) who |cut -d\( -f2 |cut -d\) -f1 ;;
SCO_SV) who -umx | awk '{ print $6 }' ;;
esac
------------------
------------------
#!/bin/ksh
#
# amilocal - "Am I Local?"
# Detects if the user is connecting from inside or outside the local LAN.
#
# Requires "tellip"
#
# Brian K. White - brian@aljex.com - Aljex Software
TTY=`tty`
LOGFILE=/var/log/WAN-LOGINS
LOGGING=false
VERBOSE=false
for ARG in $@ ; do
case ${ARG} in
-l) LOGGING=true ;;
-v) VERBOSE=true ;;
esac
done
case ${TTY} in
/dev/tty[1-9]|/dev/tty[012][0-9])
${VERBOSE} && echo "YES: TTY=`tty`"
exit 0
;;
*)
IP=`tellip`
ID=`id -un`
grep -q ${IP} /etc/LAN && {
${VERBOSE} && echo "YES: IP=${IP}"
exit 0
} || {
${LOGGING} && echo "`date`\t${ID}\t${IP}" >>${LOGFILE}
${VERBOSE} && echo "NO: IP=${IP}"
exit 1
}
;;
esac
--------------
As you can see, /etc/LAN is a text file that lists ip addresses/hostnames on
the lan with the server.
It starts as a copy of /etc/hosts (which lists all local subnet & vpn ip's
that wouldn't be in dns)
It would be more automatic to parse ifconfig, but I want to deliberately
leave out some ip's once in a while.
Still that could be done with a list of exclusions instead of a list of
inclusions I guess, except I think a list of inclusions is safer.
At random times I find it handy to say "tellip" at the command line, or
"amilocal -v"
or testing customers inbound nat/firewall from on-site, by connecting out to
my bix and then "telnet `tellip` 25" "ssh `tellip`" etc...
But it's main use is in /etc/profile where I set $AMILOCAL and $SRVIP and do
some other lan vs wan changes like setting default print destination to
passthru-print or not.
Then many many other places througout my software I just drop
getenv("SRVIP") into urls and/or consult getenv("AMILOCAL") to decide which
of 2 ways to do something or if something should be allowed or if something
is even possible. $AMILOCAL gets used right of the bat in the users .profile
in some cases to decide which starting point they get put into in the app.
$AMILOCAL && start_full_access || start_limited_access
I think it's just about impossible to make something like this that's really
elegant and works everywhere.
The biggest problem is that you can not predict or know all the possible tty
names and know whether they are local or not.
Multi-port serial cards and network serial server boxes have no end of types
of names, various network servers produce different types of names.
Various session manager apps produce fake ttys of different types of names.
Equinox esp-16 for example, network serial box, lets you invent a tty name
prefix of anything you like during driver install. It just checks to make
sure it won't collide with something already existing.
Granted the serial terminal case is getting pretty rare and you could just
do like I did and simply ignore it. Naughty. :)
I just check for the known console tty names. Another stanza would have to
be added to the tty case statement for each make & model of serial card or
serial server, and even if I wanted to look up every one currently existing,
new ones get created and things like that equinox that let the user invent
anything, makes it impractical. leave it for per-site customization and
probably never need to do it anyways.
The facetwin note above is a lesson in assumptions.
In that case, the server daemon for a network telnet-ssh-alike actually puts
the computers windows computer name, the netbios name, into the spot where
utmp/wtmp readers (like who) look for the users ip/hostname. So it
effectively makes who useless for that. But, at the same time it provides an
env variable that does have the users ip, as seen from the servers point of
view (it also has what the client thinks it's own ip is in another var so
the distinction is not meaningless) so it's possible to have the script test
for that and transparently provide the right answer.
Brian K. White -- brian@aljex.com -- http://www.aljex.com/bkw/
+++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
filePro BBx Linux SCO FreeBSD #callahans Satriani Filk!
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: ZSH Local or Remote?
2005-11-27 21:02 ` Brian K. White
@ 2005-11-27 21:34 ` Brian K. White
0 siblings, 0 replies; 3+ messages in thread
From: Brian K. White @ 2005-11-27 21:34 UTC (permalink / raw)
To: zsh-users
----- Original Message -----
From: "Brian K. White" <brian@aljex.com>
To: "zsh-users" <zsh-users@sunsite.dk>
Sent: Sunday, November 27, 2005 4:02 PM
Subject: Re: ZSH Local or Remote?
> ------------------
> #!/bin/ksh
> #
> # amilocal - "Am I Local?"
> # Detects if the user is connecting from inside or outside the local LAN.
> #
> # Requires "tellip"
> #
> # Brian K. White - brian@aljex.com - Aljex Software
>
> TTY=`tty`
> LOGFILE=/var/log/WAN-LOGINS
> LOGGING=false
> VERBOSE=false
>
> for ARG in $@ ; do
> case ${ARG} in
> -l) LOGGING=true ;;
> -v) VERBOSE=true ;;
> esac
> done
>
> case ${TTY} in
> /dev/tty[1-9]|/dev/tty[012][0-9])
> ${VERBOSE} && echo "YES: TTY=`tty`"
> exit 0
> ;;
> *)
> IP=`tellip`
> ID=`id -un`
> grep -q ${IP} /etc/LAN && {
> ${VERBOSE} && echo "YES: IP=${IP}"
> exit 0
> } || {
> ${LOGGING} && echo "`date`\t${ID}\t${IP}" >>${LOGFILE}
> ${VERBOSE} && echo "NO: IP=${IP}"
> exit 1
> }
> ;;
> esac
> --------------
And of course I had to clean up a couple nits I hadn't noticed since I
havn't modified or even looked at this in years:
* Stop running tty and id unecessarily.
* Stop using TTY since it collides with builtins in ksh93 and zsh at least,
and who knows, it might not be overwriteable in some shell.
In zsh it's overwriteable but not exportable. And I don't want to try to
just use it if it exists since in my case it happens to always exist but not
in the same format as `tty` or most shells builtin $TTY.
Because I set it in /etc/profile, but I strip off the /dev/ and leave the
rest. (It's used in the users main menu display so that we can ask them what
tty they are so that we can double-vision them (like ttysnoop but much
fancier) for training and customer support. Poor choice of variable name on
my part, yes, but made too long ago and frankly, works fine under every
shell but zsh. Including ksh93 and bash which also have a built-in $TTY
#!/bin/ksh
# amilocal - "Am I Local?"
# Detects if the user is connecting from inside or outside the local LAN.
#
# Requires "tellip"
#
# Brian K. White - brian@aljex.com - Aljex Software
MYTTY=`tty`
LOGFILE=/var/log/WAN-LOGINS
LOGGING=false
VERBOSE=false
for ARG in $@ ; do
case $ARG in
-l) LOGGING=true ;;
-v) VERBOSE=true ;;
esac
done
case $MYTTY in
/dev/tty[1-9]|/dev/tty[012][0-9])
$VERBOSE && echo "YES: TTY=$MYTTY"
exit 0
;;
*)
IP=`tellip`
grep -q $IP /etc/LAN && {
$VERBOSE && echo "YES: IP=$IP"
exit 0
} || {
$LOGGING && echo "`date`\t`id -un`\t$IP" >>$LOGFILE
$VERBOSE && echo "NO: IP=$IP"
exit 1
}
;;
esac
--
Brian K. White -- brian@aljex.com -- http://www.aljex.com/bkw/
+++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
filePro BBx Linux SCO FreeBSD #callahans Satriani Filk!
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2005-11-27 21:35 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-11-27 20:20 ZSH Local or Remote? Steven Klass
2005-11-27 21:02 ` Brian K. White
2005-11-27 21:34 ` Brian K. White
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).