When and How Are Scripts in /etc/profile.d Executed During Linux User Login?


33 views

In CentOS/RHEL systems (including version 6.3), scripts placed in /etc/profile.d/ are executed during the login process for all users, both root and non-root. The execution occurs when:

  • A user logs in via console (local terminal)
  • A user establishes an SSH connection
  • Any interactive login shell session begins

The scripts are processed in alphabetical order during these phases:

1. /etc/profile (main file)
2. /etc/profile.d/*.sh (alphabetical order)
3. User's ~/.bash_profile or ~/.bashrc

For your LDAP server startup requirement, create a script like this:

#!/bin/bash
# /etc/profile.d/ldap_startup.sh

if ! pgrep slapd >/dev/null; then
    /etc/init.d/slapd start
fi

Make it executable:

chmod +x /etc/profile.d/ldap_startup.sh

1. Permission Requirements: The script must be readable by all users:

chmod 644 /etc/profile.d/ldap_startup.sh

2. Alternative for System-wide Services: For services that should start at boot (like LDAP), consider using chkconfig instead:

chkconfig slapd on
service slapd start

To verify when your script runs, add logging:

#!/bin/bash
echo "$(date): LDAP startup check executed by $USER" >> /var/log/ldap_startup.log

For these cases, consider alternatives:

  • System boot services → Use /etc/rc.local
  • User-specific setups → Use ~/.bashrc
  • Graphical session starts → Use desktop environment autostart



The /etc/profile.d directory in CentOS (and other Linux distributions) contains shell scripts that are executed during system initialization and user login. These scripts are processed in the following sequence:



    

  1. During system boot: Not executed at this stage

  2. During login shell initialization: Executed for all users

  3. During non-login shell initialization: Not executed





For your specific case of starting an LDAP server, you should understand these critical points:



    

  • Login Shell Context: Scripts execute when any user (including non-root) starts a login shell

  • Bash Behavior: Typically runs when:
  
    ssh user@host
su - username
console login
    

  • Non-Login Shell Exclusion: Won't run for:

    ssh user@host command
su username
terminal emulators (often)
    



Since you need the LDAP service to start at boot time regardless of login, /etc/profile.d isn't the right approach. Instead, use the init system:


# Create init script
sudo vim /etc/init.d/ldapserver

#!/bin/bash
# chkconfig: 345 85 15
# description: LDAP Server

case "$1" in
  start)
    /usr/sbin/slapd start
    ;;
  stop)
    /usr/sbin/slapd stop
    ;;
  *)
    echo "Usage: $0 {start|stop}"
    exit 1
    ;;
esac

# Make executable and enable
sudo chmod +x /etc/init.d/ldapserver
sudo chkconfig --add ldapserver
sudo chkconfig ldapserver on



For simpler cases where you just need to run commands at boot:


sudo vim /etc/rc.local
# Add before 'exit 0':
/usr/sbin/slapd start



If you still want to verify profile.d execution, add debug output:


# Create test script
sudo vim /etc/profile.d/test_debug.sh

#!/bin/bash
echo "[$(date)] Profile.d script executed by $USER" >> /var/log/profile-debug.log



Then check the log after next login:


tail -f /var/log/profile-debug.log