UNIX has rsh (Restricted Shell)). its located in. /usr/lib/rsh. with this, you could restrict the user to:

1.change directory
2.set the value of $PATH
3.specify the path of command names containing /
4. and others

is there a shell in Linux that performs or do the job like rsh do?? am currently using BASH (widely used) .. and there is a switch to make it restriced (-r) ..


# bash -r


but it wont work for default shell. say, if i add a user to have a default '/bin/bash -r', it will not work... is there a shell like rsh?? or can i do it with BASH?? if yes, then HOW??


any help and suggestions would be great!

-flar-

[ 27 March 2001: Message edited by: Flar ]

Dude. rsh is "Remote Shell" and is a part of the BSD networking utilities.

Jeremy

i think i posted clearly above. Restricted shell. /usr/sbin/rsh is the remote shell.and linux does have it too. and i know what is it!

am asking for the Restricted Shell. /usr/lib/rsh in UNIX. do we have that shell in LINUX? thats what im asking!

try to read my post above first.

-flar-

Originally posted by Flar:
am asking for the Restricted Shell. /usr/lib/rsh in UNIX.


I'm on FreeBSD, which is UNIX, and /usr/lib/rsh is the remote shell.

If you want to use bash -r, then just write a small program to do it.


#include <unistd.h>

int main(int argc, char ** argv) {
execl("/bin/bash", "/bin/bash", "-r", NULL);
}


Jeremy
[/code]

how bout Restricted Shell?? do u have some info bout it?? i cant seem to let 'bash -r' work...

-flar-

Originally posted by Flar:
try to read my post above first.


Jeremy

Originally posted by jemfinch:
I'm on FreeBSD, which is UNIX, and /usr/lib/rsh is the remote shell

not to be argumentative, but BSD's are not Unix, per se, because the original AT&T code is not inlcuded. BSD's are more a Unix derivative where Linux's are a Unix clone :)

Why not setup a chroot environment for non-trusted users, like you can with a ftpd?

Originally posted by aph3x:
not to be argumentative, but BSD's are not Unix, per se, because the original AT&T code is not inlcuded. BSD's are more a Unix derivative where Linux's are a Unix clone :)

Original AT&T code doesn't determine if something is UNIX or not. A bribe^Wpayment to The Open Group lets you stick the UNIX stamp of approval on your product.

BSDi just purchased Walnut Creek, the corporate sponsor of FreeBSD. Since the purchase, FreeBSD boxes released by BSDi carry the claim that it is "UNIX." Noting that BSDi hasn't been sued for infringement of copyright (as they would be if they didn't have an appropriate license) by The Open Group, the only conclusion, IMO, is that FreeBSD is, in fact, UNIX.

FreeBSD has more "pedigree" than practically every other *nix out there. If it can't be called "UNIX", then that term lost its meaning somewhere along the way.

Jeremy

hey jeremy.. ur saying that your BSD which is UNIX (u said) having /usr/lib/rsh and is remote shell.. then look below


SunOS 5.7

login: flar
Password:
Last login: Thu Mar 29 13:30:25 from 192.168.3.1
$ cd
cd: restricted
$ finger -m flar
Login name: flar In real life: Ralph Bagaipo
Directory: /home/05/flar Shell: /usr/lib/rsh
On since Mar 29 13:31:20 on pts/24 from 192.168.3.67
11 seconds Idle Time
No unread mail
No Plan.
$ cd
cd: restricted
$


??? its Solaris 5.7 .. then that would probably be UNIX eh?? what im saying is.. that here, u san see that my Shell is defaulted to /usr/lib/rsh.. which is Restricted Shell.. hmm?? can u see it?? it says 'restricted' when i try to change directory.. thats what am asking.. is there a shell like that in LINUX?? or in your BSD??

-flar-

Flar: is it not possible that rsh (the remote shell) has a 'restricted' option too, like BASH does?

Flar, try this post, it has the answer you are looking for. http://www.linuxnewbie.org/cgi-bin/ubbcgi/ultimatebb.cgi?ubb=get_topic&f=21&t=001312

Unix Guru, yeah it has.. 'bash -r' .. but then u just have to execute 'exit' and then its over.. i mean.. the restricted shell will be turned off..

Ndelo.. thanks man.. i think i found what i wanted on your post back there.. thanks! am gonna try it..

-flar-

hey ndelo.. thanks man!! ive got it working :) thanks much!! i owe u one .. u make my 300th post memorable .. :D :D :D

-flar-

[ 30 March 2001: Message edited by: Flar ]

Glad to help :)