Jon, Why bother with tee-ing the dsmadmc sessions? I really don't understand what else you need to see in addition to the ANR2017I's. Sure, the tee would give you the output of their commands, but is there any need to see the output of their QUERY ACTLOG, QUERY VOL F=D, UPD VOL ACC=READW, DEL FI, UPD NODE, or whatever?
Anyway, the problem isn't with sudo. If you run dsmadmc from a wrapper script without sudo, it fails with the |tee and runs fine without it. It does, however, have something to do with dsmadmc. If you replace dsmadmc with telnet in a test wrapper script, it works. If absolutely necessary, you might be able to resolve the situation by using Expect. Alex Paschal Freightliner, LLC (503) 745-6850 phone/vmail -----Original Message----- From: Remco Post [mailto:[EMAIL PROTECTED] Sent: Thursday, October 02, 2003 8:33 AM To: [EMAIL PROTECTED] Subject: Re: TSM and command logging On Wed, 1 Oct 2003 12:32:37 -0500 "Stanley, Jon" <[EMAIL PROTECTED]> wrote: > Here's the situation: We are a managed hosting company that uses TSM > for backup, and we would like to hand off day to day administration of > the environement to the operations staff. There are a number of > inexperienced (in TSM) staff. We want a way to audit (beyond the normal > activity log) what it is these people do. Therefore, I have written a > wrapper script to dsmadmc that uses tee to send stdout to the screen and > to a file. We use a similar script for logging ssh. > <RANT> Maybe you should just log everything these people type on their PC, monitor their every move with camera's and have one person secirity staff stay with them every second of the day. </RANT> The problem/challenge you are running into is that dsmadmc likes to know a lot about the terminal it is running in, and likes to receive even resize event... maybe that is the problem? > Once the script is working, dsmadmc on the administrative host will only > be executable by the user that the wrapper runs as. > > But here is what happens when the script runs (I'm passing a username > and password on the command line, I would also like a way to hide this > from the process list, i.e. take them out of a file or something): > > bookworm:~$ sudo -u svadmin /usr/local/sbin/svadmindsm i01sv0600 > -- -- > -- WARNING: This session is logged. -- > -- -- > Executing command - hostname i01sv0600 > Tivoli Storage Manager > Command Line Administrative Interface - Version 4, Release 2, Level 3.0 > (C) Copyright IBM Corporation, 1990, 2001, All Rights Reserved. > > Session established with server I01SV600: Solaris 7/8 > Server Version 4, Release 2, Level 4.1 > Server date/time: 10/01/03 17:24:31 Last access: 10/01/03 > 15:53:43 > > > tsm: I01SV600>ANS8025E I/O Error reading command input. > > ANS8002I Highest return code was 0. > > bookworm:~$ > > Jon Stanley > Hosting Systems Engineer > SAVVIS Communications > 1 SAVVIS Parkway > Town & Country, MO 63017 > SAVVIS, The Network That Powers Wall Street(SM) > 314-628-7570 (direct) > 314-265-4690 (mobile) > [EMAIL PROTECTED] (pager) > 866-234-4678 (Toll Free) > [EMAIL PROTECTED] -- Met vriendelijke groeten, Remco Post SARA - Reken- en Netwerkdiensten http://www.sara.nl High Performance Computing Tel. +31 20 592 8008 Fax. +31 20 668 3167 "I really didn't foresee the Internet. But then, neither did the computer industry. Not that that tells us very much of course - the computer industry didn't even foresee that the century was going to end." -- Douglas Adams
