discovering a session's env variables?
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: discovering a session's env variables?

  1. #1
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670

    Question discovering a session's env variables?

    Does anyone here know of a way for root to discover the environment variables being used by a particular user or session? For example, if a user named 'mrx' is logged onto my system, is there a way for me as root to read the environment variables he is using for that sesson?
    /* You are not expected to understand this. */

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Hrmm.. the closest I can think of is to su to root, then su to the user and then type env. I don't know specifically of any external command that let's you see the environment variables of a user (you are referring to shell environment aren't you?)

    Just a quick add-on. Remember to use su - username rather than su by itself. If it's just su then local scripts like .bash_profile won't be run and you'll end up with the env of root rather than the user.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    Thanks for the response MsMittens. Your suggestion would work if I only wanted to discover the preset env variables established by the profile or any login scripts. I was thinking more of the dynamic env variables set during the session. If I were to su to the user (su - mrx), the system would create a new session for that user -- env variables from another active session would not apply.
    /* You are not expected to understand this. */

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Hrmm.. unless you had a script that activated when they logged in (maybe something in the .bash_profile/.profile file itself?), recorded that info and sent it to a log? Perhaps a simple shell script that would pull that info?

    Off-hand I can't think of any command. Perhaps a search for a third-party app?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #5
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    im trying to research thru Linux memory structures to take a look, but it is been unsucessfull.

    If u have info about that, maybe you can find.

    I was looking at process memory map. All variables should be there (somewhere)....
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  6. #6
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    i have no linux to take a look, but it maybe here:

    /proc/[process number]/

    a lot of info for each process running

    and

    /proc/[process number]/environ

    may have what you want..

    take a look at this

    http://www2.yo-linux.com/cgi-bin/man...n=5&topic=proc
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  7. #7
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    Thanks cacosapo and MsMittens. I think the closest I can get is the /proc/(procid)/environ file for the shell process. It lists several environment variables, but it doesn't list any that I dynamically add during the session, and it doesn't list several others that were. I'll keep digging, but I'm not expecting to find anything now. If I find something, I'll post it, though. Thanks again!
    /* You are not expected to understand this. */

  8. #8
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    Check the user's history file...by default, it's something like .bash_history. It's an easy file to forget that exists (unless they're disabling it in their own .bash_profile. It could provide something.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  9. #9
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    This is a bit tricky since you want to see the env vars you add. I think the environ file in proc only shows the vars that the bash (or whatever shell) process was started with and inherited. I dont believe that the exported variables from the terminal are actually added to the pointer array, however.... I think any child process that is created by the bash process WILL inherit the new environ array, so all you have to do is peek in a process the user has started to see the new env vars. It would probably be quite easy to write a C program to do this for you but I'm a lazy man so I'll show you a really dirty way.

    [root@Dagon maestro]# who
    root :0 Jul 19 11:19
    root pts/0 Jul 19 11:20
    maestro pts/1 Aug 11 07:42 (xxx.xxx.xxx.xxx)
    root pts/2 Aug 11 10:37 (:0.0)
    webmaste pts/3 Aug 11 10:31 (xxx.xxx.xxx.xxx)
    [root@Dagon maestro]# ps -a | grep "pts/3"
    13581 pts/3 00:00:00 vi
    [root@Dagon maestro]# gdb
    GNU gdb 5.2.1-2mdk (Mandrake Linux)
    Copyright 2002 Free Software Foundation, Inc.
    GDB is free software, covered by the GNU General Public License, and you are
    welcome to change it and/or distribute copies of it under certain conditions.
    Type "show copying" to see the conditions.
    There is absolutely no warranty for GDB. Type "show warranty" for details.
    This GDB was configured as "i586-mandrake-linux-gnu".
    (gdb) attach 13581
    Attaching to process 13581
    Reading symbols from /usr/bin/vim-enhanced...(no debugging symbols found)...
    done.

    <snip>

    0x4038b10e in select () from /lib/i686/libc.so.6
    Lets print the global var environ which points to an array of pointers where the vars are contained.
    (gdb) p environ
    $1 = (char **) 0xbffffa4c

    Where does it point?
    (gdb) x 0xbffffa4c
    0xbffffa4c: 0xbffffb77

    Now lets just grab a chunk and spit out the first 100 characters.
    (gdb) x/100c 0xbffffb77
    0xbffffb77: 76 'L' 69 'E' 83 'S' 83 'S' 75 'K' 69 'E' 89 'Y' 61 '='
    0xbffffb7f: 47 '/' 101 'e' 116 't' 99 'c' 47 '/' 46 '.' 108 'l' 101 'e'
    0xbffffb87: 115 's' 115 's' 0 '\0' 76 'L' 67 'C' 95 '_' 77 'M' 79 'O'
    0xbffffb8f: 78 'N' 69 'E' 84 'T' 65 'A' 82 'R' 89 'Y' 61 '=' 101 'e'
    0xbffffb97: 110 'n' 95 '_' 85 'U' 83 'S' 0 '\0' 72 'H' 79 'O' 83 'S'
    0xbffffb9f: 84 'T' 78 'N' 65 'A' 77 'M' 69 'E' 61 '=' 68 'D' 97 'a'
    0xbffffba7: 103 'g' 111 'o' 110 'n' 0 '\0' 84 'T' 69 'E' 82 'R' 77 'M'
    0xbffffbaf: 61 '=' 120 'x' 116 't' 101 'e' 114 'r' 109 'm' 0 '\0' 83 'S'
    0xbffffbb7: 72 'H' 69 'E' 76 'L' 76 'L' 61 '=' 47 '/' 98 'b' 105 'i'
    0xbffffbbf: 110 'n' 47 '/' 98 'b' 97 'a' 115 's' 104 'h' 0 '\0' 72 'H'
    0xbffffbc7: 73 'I' 83 'S' 84 'T' 83 'S' 73 'I' 90 'Z' 69 'E' 61 '='
    0xbffffbcf: 49 '1' 48 '0' 48 '0' 48 '0' 0 '\0' 84 'T' 77 'M' 80 'P'
    0xbffffbd7: 68 'D' 73 'I' 82 'R' 61 '='

    Translates to:

    LESSKEY=/etc/.less
    LC_MONETARY=en_US
    HOSTNAME=Dagon
    TERM=xterm
    SHELL=/bin/bash
    HISTSIZE=1000
    TMPDIR=

    Of course you'll need more than 100 to see all of it, the array is terminated by a null pointer so you'll see the end.

    PS. gdb automatically stops any process you attach it to so, dont do this to a process the user would notice stopping. (aka bash )

    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  10. #10
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    Sorry Maestro, I didn't notice this one when you first posted it, but this is damn cool. I shower you with greenies! Thanks!
    /* You are not expected to understand this. */

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides