Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Actually for rbash all you have to do is sym-link bash to rbash and it works. and add it to /etc/shells
And if i remember right, you need to use ssh or some other non-interactive login for the .bashrc file to get parsed. Have you tested it with SSH or just through login?
but if i put a file in /etc/profile.d called restrict.sh with:
Code:
/bin/bash -r
then won't EVERY user that logs in be restricted (which is exactly what i want...apart from a few users like admin, root...etc) seeings as everybody are running all those scripts?
ok...i created a run.sh in /etc/profile.d which contains ~/.bashrc and i chmodded .bashrc to +x...
now when i login i get this error:
/bin/bash: error while loading shared libraries: libdl.so.2: cannot open shared object file: Error 23
and whenever i issue ANY command, it gives me that error...
now ive found one problem with /bin/bash -r....when they type exit, it quits and returns to a normal shell...
maybe this isn't the way to go....anybody know where i can grab one of those other shells from? that don't need to be compiled..
Last edited by Grim Reaper; 12-15-2002 at 03:44 AM.
ln -s /bin/bash /bin/rbash or make a copy of bash and rename it rbash
You dont need to build it, its apart of the base package.
Once you do that and add it to /etc/shells they will not be able to change shells or anything.
However, if they use vi, then they can get out by
:set shell /bin/sh
:shell
rbash will chroot the user to things like ls and cp mv and what not need to be copied to their home dir.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.