如何知道Linux系统中的哪个用户已解锁?
我想知道用户通过Linux的登录GUI在系统中解锁自己时的用户名。我已经检查了如何知道Linux系统中的哪个用户已解锁?,linux,bash,session,pam,Linux,Bash,Session,Pam,我想知道用户通过Linux的登录GUI在系统中解锁自己时的用户名。我已经检查了/etc/pam.d/gdm密码。据我所知,unlock和lock操作与gdm password相关。这是我的gdm密码文件,如下所示 #%PAM-1.0 auth requisite pam_nologin.so auth required pam_succeed_if.so user != root quiet_success @include common-auth auth
/etc/pam.d/gdm密码
。据我所知,unlock
和lock
操作与gdm password
相关。这是我的gdm密码
文件,如下所示
#%PAM-1.0
auth requisite pam_nologin.so
auth required pam_succeed_if.so user != root quiet_success
@include common-auth
auth optional pam_gnome_keyring.so
account optional pam_exec.so seteuid /trigger account
session optional pam_exec.so seteuid /trigger session
@include common-account
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without this it is possible
# that a module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
session required pam_loginuid.so
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
session optional pam_keyinit.so force revoke
session required pam_limits.so
session required pam_env.so readenv=1
session required pam_env.so readenv=1 envfile=/etc/default/locale
@include common-session
session optional pam_gnome_keyring.so auto_start
@include common-password
这是我的bash脚本:
#!/bin/bash
id=$(/usr/bin/cat /proc/self/sessionid)
#echo "$date [$1] $PAM_USER $PAM_TYPE $id" >> /var/log/test.log
name=$(/usr/bin/loginctl show-session $id | /usr/bin/grep Name= | /usr/bin/cut -d = -f 2)
if [ "$PAM_TYPE" == "account" ] && [[ -v id ]] && [ "$name" == "$PAM_USER" ];then
echo "$date $PAM_USER unlocked" >> /var/log/actions.log
# echo "$(/usr/bin/loginctl show-session $id)" >> /var/log/details.log
elif [ "$PAM_TYPE" == "open_session" ];then
echo "$date $PAM_USER logged in" >> /var/log/actions.log
elif [ "$PAM_TYPE" == "close_session" ];then
echo "$date $PAM_USER logged out" >> /var/log/actions.log
fi
解锁时,屏幕上会出现一个错误,如
/trigger failed:exit code 2
。我该怎么办?当用户解锁时,我只想在文件中看到他的名字。就是这样。当您在没有参数的情况下执行loginctl
时,它会显示“c2”。如果我运行loginctl show session c2
,它将返回正确的输出。不知道为什么/proc/self/sessionid
只返回2而不是c2。