how to find out offending user using tty information

Question

I have an script called wow.sh on a shared machine.

'ps -ef | grep wow' shows multiple runs of the same script.

How can I use the tty information to find the offending users ip?

score 0 · Answer 1 · answered Aug 07 '10 at 13:13

0

You can try "last", which will show you last logins. So if you narrowed it down to a user, you can run last username and the 3rd column is their login origin.

answered Aug 07 '10 at 13:13

Alex

6,603
1
24
32

score 0 · Answer 2 · answered Aug 07 '10 at 14:33

In the most basic sense, you need to track down who ran it and where they logged in from:

ps axo command,user,lstart | grep [w]ow

The 2nd field gives you the user. If this is obvious (i.e. not 'root' or some shared username) then you can use 'last' as Alex mentions:

ps axo user,command,lstart | grep [w]ow | cut -f1 -d' ' | xargs last -n 1000 -iF

Just match up their date from the first command (the 'lstart' last column) with the login/logout reported by last.

All the users login using a common user. The only thing to differentiate between them is the tty information. I want to find out the ip using the tty information. — AM01, Aug 12 '10 at 19:32

score 0 · Answer 3 · answered Mar 19 '11 at 10:53

0

If the offending party will still be logged in (i.e. they're not disown-ing scripts or similar) then who will give you the IP and tty of the logged-in users.

answered Mar 19 '11 at 10:53

nickgrim

4,466
1
19
28

how to find out offending user using tty information

3 Answers3