LFCS – Login Scripts

Jarret B

Active Member
Staff member
Credits
1,784
When a user logs into a system there are scripts that are executed. These scripts can be manipulated to allow specific programs to be run, services to be started or stopped, environment variables to be set or modified, etc.

There is no limit to what can be done with login scripts. The same can be done with logout scripts as well.

The login scripts are not specific to when a user logs into the system at the initial login screen. When a user changes privileges the scripts can also be executed.

Script Locations

There are four login script locations. These are handled at different times.

  1. /etc/profile – processed once when logging into the system after boot completes (root will process it at each login)
  2. ~/.bash_profile – processed once when logging into the system after boot completes (root will process it at each login)
  3. ~/.bashrc – processed after each login by the specific user (.bashrc is located in the HOME folder of the specific user), for non-login
  4. /etc/bashrc – processed after each login by the specific user (.bashrc is located in the HOME folder of the specific user) for non-login

NOTE: If you use the command ‘exit’ to exit the shell and go back to where the system is acting like it just restarted, then you will have all four scripts executed.

If you wanted to edit each file and add a line like “echo /etc/profile” or “username ~/.bashrc” you can have the script print a line on the screen. This works best on a system that does not open a Graphical User Interface (GUI) at startup. You will want to do this for the ROOT folder as well.

When you are in a shell (terminal), you can perform the command ‘su -’ or ‘su -l’ (lowercase L) to change to the ROOT user. The command will change you to that ROOT user and not just simply give you ROOT privileges.

After the shell logs you in as ROOT, you should see the appropriate lines printed from the login scripts. If you have modified the scripts for a standard user, then you can use the command ‘su username’ to see that the scripts are executed as required.

The ROOT user will always run all four scripts. A standard user will only run all four scripts when you are first logging in after the system has started. The ‘non-login’ scripts are executed when a new shell is opened for the user.

There are also two scripts that can be executed when a user logs out. The scripts are as follows:

  1. ~/.bash_logout – processed for a specific user when logging out
  2. /etc/bash.bash_logout – processed by all users when logging out

These are executed in the order listed.

Use of the Scripts

The actual use will vary depending on your need. Keep in mind that the scripts in the ‘/etc’ folder will be executed by all users. This is an easy place to manage the scripts for all users in one place. Scripts specific to a user can be placed in the HOME (~/) folder of each user. Using the scripts in the individual HOME folder can be more tedious to manage if you have a lot of users.

Keep in mind if a script is specific to a single user or needed by all users. The need will determine where the script is executed. Scripts for all users will be placed in the '/etc/bashrc' while user-specific scripts go in '~/.bashrc'. Keep in mind that these scripts run at every login, even SSH login. If you only want the script to run one time at login, then use '/etc/profile’ for all users and ‘~/.bash_profile’ for specific users.

If anything needs to be cleaned up after a user logs out, then place a script in the appropriate file. Use '~/.bash_logout’ for specific users and ‘/etc/bash.bash_logout’ for all users.

The ‘su’ Command

As noted previously, the ‘su -’ and ‘su -l’ (lowercase L) will log you in as ROOT. Just using ‘su username' will log you into a shell as that user. When you type the command 'exit', you will exit the current user shell and be back at the shell as the previous user. If you type 'exit' enough, you will end up at the main login screen.

NOTE: This occurs on a system that has a Terminal and no GUI. If you open a Terminal in a system that has a GUI, it will work the same, but the last exit will close the Terminal.

By logging in as a user, not ROOT, you can use the command 'id' to see what user is currently logged in. Another command is 'echo $USER' which will show you the username of the logged-in user.

If you simply use the 'sudo' command, then you only have elevated privileges to execute the given command. The 'sudo' command does not log in as ROOT. Using the 'sudo' command will not cause any of the login or logout scripts to execute.

Managing Scripts for New Users

This section is best managed when a system is new. If users already exist, these changes will not affect them. Keep in mind that these changes are only for new users.

The folder ‘/etc/skel’ is a skeleton framework for all new users. When a HOME folder is created for the new user, this folder is copied.

If you switch to ROOT and then change to the folder ‘/etc/skel’. You can run the command ‘ls -A’. The ‘-A’ parameter will list hidden files. You should see in this folder a few files: ‘.bash_logout’, ‘.bash_profile’, ‘.bashrc’ and possibly other files and/or folders.

If you should edit the scripts here as needed, then each new user, when created, will get a copy of the file in their HOME folder. Any changes made here will be included for new user accounts.

As ROOT make some changes. Add a folder. Whatever you may like. Then execute the command ‘adduser Test’ or some other username. Once the account is created, change to the new user’s HOME folder, ‘cd /home/Test’, and check for the changes.

Conclusion

I hope you have found this article informative. Be sure to run some tests to see that you understand the different scripts.

Also, be sure to try making changes to the ‘/etc/skel’ folder. Be aware that you can modify the user defaults. You can add icons to the desktop as default, create a ‘Desktop’ folder and place items in it. Of course, these items can be changed by the user, but an initial setup can make sure all new users have the same start. For example, a document could be included on the desktop to inform new users of company policies. For the article, the main concern is changing the login/logout scripts. Play with the new user skeleton framework and see what you can do.
 


$100 Digital Ocean Credit
Get a free VM to test out Linux!

Members online


Top