Hi,
Although I don't see the point in letting a user have access to a machine and then deny this user any actions, maybe this will do what you want:
In general a user has a shell he logs into (most commonly /bin/bash), the system knows which shell to use by looking at the appropriate line in /etc/passwd.
If you create the following file, called dead.stop.sh, in /bin:
Code:
#!/bin/bash
clear
echo "
You are logged in, but cannot do anything.
"
echo -n "Press any key to log out again : "
read KEY
exit 0
and replace the /bin/bash part with /bin/dead.stop.sh in /etc/passwd, this user can log in, but cannot do anything but log out again.
Steps to take to accomplish this (as root):
1) create the above script and give it execute permissions (chmod 555 /bin/dead.stop.sh),
2) create a normal user with useradd/adduser or the GUI (user is called foobar in this example),
3) give this user a valid password (passwd foobar),
4) open /etc/passwd and look for the foobar entry (probably the last line) which looks something like this:
foobar:x:1000:1000::/home/foobar:/bin/bash. Change the bold part to
/bin/dead.stop.sh.
If all went as planned the following should happen when trying to log into that user (ssh or normal login):
Code:
$ ssh foobar@exile
Password: <xyz>
(screen is cleared)
You are logged in, but cannot do anything.
Press any key to log out again :
(after pressing any key)
Connection to exile closed.
Although I might have overlooked something I do believe you cannot break out of this script and gain shell access (please correct me if I'm wrong).
Hope this is what you are looking for.