Old 12-14-2002, 04:42 PM   #16
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58

try echo testing > ~/test

look for a file in their home folder named test


you are using bash, right?
 
Old 12-14-2002, 08:48 PM   #17
turnip
Member
 
Registered: Jul 2002
Posts: 143

Rep: Reputation: 15
Actually, for rbash all you have to do is sym-link bash to rbash and it works, and add it to /etc/shells.

And if I remember right, you need to use ssh or some other non-interactive login for the .bashrc file to get parsed. Have you tested it with SSH or just through login?
 
Old 12-15-2002, 12:44 AM   #18
Grim Reaper
Member
 
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399

Original Poster
Rep: Reputation: 30
yes, I'm using bash.

I changed the .bashrc file to "echo testing > test" but there isn't any test file there...

turnip, I don't have rbash at all...and there are no compiling programs installed as it's a firewall distro...

and yes, this is all through SSH, there's no monitor on this machine...
 
Old 12-15-2002, 01:02 AM   #19
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
ok,

logging in with ssh will cause the system to run files in /etc/profile.d/

so you can add commands to a file.sh and maybe file.csh depending on your shell



cat bsd-games.sh
#!/bin/sh
# Print a fortune cookie for login shells:

echo
fortune fortunes fortunes2 linuxcookie
echo

Last edited by DavidPhillips; 12-15-2002 at 01:04 AM.
 
Old 12-15-2002, 01:43 AM   #20
Grim Reaper
Member
 
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399

Original Poster
Rep: Reputation: 30
but if I put a file in /etc/profile.d called restrict.sh with:
Code:
/bin/bash -r
then won't EVERY user that logs in be restricted (which is exactly what I want...apart from a few users like admin, root...etc), seeing as everybody is running all those scripts?
 
Old 12-15-2002, 03:11 AM   #21
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
didn't know that's what you were doing, I thought you wanted to print a message


but it does seem that if you run a script from there that points to a login script in their home folder you should be able to do it





~/login.sh

Last edited by DavidPhillips; 12-15-2002 at 03:13 AM.
 
Old 12-15-2002, 03:43 AM   #22
Grim Reaper
Member
 
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399

Original Poster
Rep: Reputation: 30
ok...I created a run.sh in /etc/profile.d which contains ~/.bashrc and I chmodded .bashrc to +x...

now when I log in I get this error:
/bin/bash: error while loading shared libraries: libdl.so.2: cannot open shared object file: Error 23
and whenever I issue ANY command, it gives me that error...


now I've found one problem with /bin/bash -r....when they type exit, it quits and returns to a normal shell...

maybe this isn't the way to go....anybody know where I can grab one of those other shells from? ones that don't need to be compiled..

Last edited by Grim Reaper; 12-15-2002 at 03:44 AM.
 
Old 12-15-2002, 07:39 AM   #23
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
Not sure why you would execute .bashrc

wouldn't you want to run a login script

I would think that you could put the script in the home of the users that get chrooted

the other users would not have the script


it could be something like this

if [ -f ~/somefile ]; then

somechrootscript

fi

or [ -x ~/script ]

Last edited by DavidPhillips; 12-15-2002 at 07:42 AM.
 
Old 12-15-2002, 11:24 AM   #24
turnip
Member
 
Registered: Jul 2002
Posts: 143

Rep: Reputation: 15
To make rbash work all you need to do is this

ln -s /bin/bash /bin/rbash or make a copy of bash and rename it rbash

You don't need to build it, it's a part of the base package.
Once you do that and add it to /etc/shells they will not be able to change shells or anything.

However, if they use vi, then they can get out by

:set shell /bin/sh
:shell

rbash will chroot the user, so things like ls, cp, mv and whatnot need to be copied to their home dir.

Last edited by turnip; 12-15-2002 at 12:54 PM.
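
An added example, not part of any post in this thread: it builds a throwaway home directory with a private `bin/` of allow-listed commands and probes what `bash -r` permits when `PATH` points only at that directory. The function names, the scratch directory and the allow-list (`ls`, `cat`) are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example. All directory names are constructed for the demo.

# Populate $1/bin with symlinks to the allow-listed external commands.
make_restricted_home() {
    home=$1; shift
    mkdir -p "$home/bin"
    for cmd in "$@"; do
        src=$(command -v "$cmd") || continue
        case $src in
            /*) ln -sf "$src" "$home/bin/$cmd" ;;   # skip builtins and functions
        esac
    done
}

# Run one command line under `bash -r` with PATH limited to $1/bin.
# The exit status is that of the restricted shell.
run_restricted() {
    ( cd "$1" && env -i HOME="$1" PATH="$1/bin" \
        "$(command -v bash)" --noprofile --norc -r -c "$2" ) >/dev/null 2>&1
}

# Print ALLOWED or BLOCKED for each probe line.
probe() {
    home=$1; shift
    for line in "$@"; do
        if run_restricted "$home" "$line"; then
            echo "ALLOWED  $line"
        else
            echo "BLOCKED  $line"
        fi
    done
}

# Demo run: only ls and cat are reachable; everything else is refused.
demo_home=$(mktemp -d)
make_restricted_home "$demo_home" ls cat
probe "$demo_home" 'ls' 'cd /' '/bin/ls' 'PATH=/bin:/usr/bin' \
    'echo x > out' 'vi' 'sh'
rm -rf "$demo_home"
```

Because the restricted shell refuses command names containing a slash and keeps `PATH` read-only, any editor or shell left out of `bin/` cannot be started from it. The restriction only holds when the restricted shell is the user's login shell; started as a child of a normal shell, `exit` drops back to the parent, as reported in post #22.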
 
  

