bash restricted shell

Giorgos Keramidas keramida at ceid.upatras.gr
Fri Mar 11 19:44:44 PST 2005


On 2005-03-11 19:53, doug at safeport.com wrote:
> On a standard 4.11 install /usr/local/bin/bash = v2.04. rbash does not
> exist. So I added it as an sh script. This works okay in that normal
> things I tried do not break out. This is probably good enough for the
> users I would give this shell to. My question is basically: what is
> the "right" way to do this?

Create a /usr/local/bin/rbash script containing the following lines:

	#!/usr/local/bin/bash
	exec /usr/local/bin/bash --login --restricted "$@"

The initial #! line is necessary, in my opinion, because having it there
means you don't need to depend on the fact that shell scripts do accept
options on the #! line.

Set the permissions and owner of the new script and add it to /etc/shells:

	% chmod 0555 /usr/local/bin/rbash
	% chown root:wheel /usr/local/bin/rbash
	% echo '/usr/local/bin/rbash' >> /etc/shells

Then you should be able to use '/usr/local/bin/rbash' as the login shell
of a user and have the user restricted in the HOME directory.
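
A check for the installation steps above, as an added example that is not part of the original message: it confirms the wrapper is mode 0555, owned by the expected user, execs bash with --restricted, and is listed in the shells file. The function name check_rbash_wrapper and its arguments are hypothetical.

```shell
#!/bin/sh
# Added example: audit an rbash wrapper installed as described above.
# check_rbash_wrapper and its arguments are hypothetical names.
# usage: check_rbash_wrapper WRAPPER SHELLS_FILE [OWNER]   (OWNER defaults to root)
check_rbash_wrapper() {
    wrapper=$1
    shells=$2
    want_owner=${3:-root}
    rc=0

    if [ ! -f "$wrapper" ]; then
        echo "FAIL: $wrapper is not a regular file"
        return 1
    fi

    # The first 10 characters of "ls -ld" are the mode string; 0555 is -r-xr-xr-x.
    listing=$(ls -ld "$wrapper")
    mode=$(printf '%s\n' "$listing" | cut -c1-10)
    owner=$(printf '%s\n' "$listing" | awk '{print $3}')

    if [ "$mode" != "-r-xr-xr-x" ]; then
        echo "FAIL: mode is $mode, expected -r-xr-xr-x (0555)"
        rc=1
    fi
    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL: owner is $owner, expected $want_owner"
        rc=1
    fi
    # The wrapper must exec bash with --restricted.
    if ! grep -Eq '^[[:space:]]*exec[[:space:]].*--restricted([[:space:]]|$)' "$wrapper"; then
        echo "FAIL: no exec line with --restricted in $wrapper"
        rc=1
    fi
    # Entries in the shells file are whole lines, so match the full line exactly.
    if ! grep -Fxq -- "$wrapper" "$shells"; then
        echo "FAIL: $wrapper is not listed in $shells"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: $wrapper"
    fi
    return "$rc"
}

# Run the audit only when paths are given on the command line.
[ $# -eq 0 ] || check_rbash_wrapper "$@"
```

Saved to a file and run with the wrapper path and /etc/shells as arguments, it exits non-zero if any check fails.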