use Net::Address::IPv4::Local;
    
    # Get the local system's IP address that is "connected" to 
    # "the internet":
    my $address = Net::Address::IPv4::Local->public;
    
    # Get the local system's IP address that is "connected" to 
    # the given remote IP address:
    my $address = Net::Address::IPv4::Local->connected_to($remote_addr
+ess);
[download]

How are people logging into the servers that the menu runs on?

If they're logging on using SSH, then the login.sh script should know about the SSH_CLIENT environment variable, which you could pass to your menu.pl script; login.sh would then contain:

sudo /usr/local/bin/menu.pl --clientip $SSH_CLIENT
[download]

The --clientip variable is just an idea, but it would be trivial to parse your command line using Getopt::Long if you choose to do it this way.

There is no 'standard' way to determine the ip of the current user, because that would assume that you're always using a network connection to connect. And that doesn't have to be the case, if you would for instance login using the local console.

You may want to have a look at the man-pages for w, who and utmp (though the latter merely describes the C library for utmp). who -m may also suit your purposes.

For a more perly solution, you may want to look at the User::Utmp module. This would allow you to inspect the login records from perl. If I remember correctly, sudo provides you with the SUDO_USER environment variable which would tell you what user originally logged in, and is running the login.sh script.

Of course if the user can in any way manipulate the environment SSH_CLIENT would be of no use. Only trust it if the user can only run this one command via ssh (e.g. using OpenSSH's ability to limit what a user can run via the ~/.ssh/authorized_keys file), and then I'd still be paranoid.

Well yeah... Naturally...

I'm assuming that the SSH-aspect of it all is securely setup. Even the fact that ssh is being used is an assumption.

The only way to circumevent evildoing like this, would be to look up the process-tree for the ssh-process that we got forked of off, and get the uid/pid that process is running under, and check netstat for the connection details I suppose...

But the setup itself is quite dangerous; menu.pl has to be VERY tight as it's running root... Hopefully the OP is using taint mode, and untainting properly...

First off, I would recommend that you not sudo the whole menuing script. This requires very careful coding of your menu script and everything it calls to avoid holes in your security. You could specify that the module scripts (or anything in the correct directory, if you really trust everyone with write privs to that directory), be valid sudo commands for the users of the menu system. Ideally, you might want to move the sudo commands into the scripts themselves to ensure that no unapproved commands can be executed with root privileges.

Now, as to your question, the operating system (Unix from your post) maintains a logging file utmpx of the currently logged in users. This log includes the point of origin of the login. The Unix command to see who is logged in on a terminal, which terminal, since when and from where is who am i. It is not fooled by sudo:

  $ who am i
  idsfa    pts/11      Apr 20 15:09     (10.0.0.1)
  $ sudo who am i
  idsfa    pts/11      Apr 20 15:09     (10.0.0.1)
[download]

You could use this in your logs to identify which login & IP source issued a given command. Other than running this program, you could also use User::Utmp to read the log directly, with something like:

  use User::Utmp qw(:constants :utmpx);
  use POSIX qw(ttyname);

  my $tty = ttyname();
  my @utmp = getutx();
  my $ip = "Rogue Hacker";
  foreach $entry (@utmp)
  {
      next if ($entry->{ut_type} != USER_PROCESS);
      next if ($entry->{ut_line} ne $tty);
      $ip = $entry->{ut_host};
      last;
  }
[download]