Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [restricted-shell]

The restricted shell is a Unix shell that restricts some of the capabilities available to an interactive user session, or to a shell script, running within it.

32 questions
28
votes
5 answers

Block Particular Command in Linux for Specific user

How to block command, let say mkdir for specific user ? What I did just created read-only function and store in users profile ~/.bashrc /bin/mkdir() { echo "mkdir command not allow for you" } mkdir() { echo "mkdir command not…
Rahul Patil
  • 24,281
  • 25
  • 80
  • 96
9
votes
2 answers

How to discard stderr in restricted Bash shell?

In my .bashrc there are a couple commands which redirect standard error to /dev/null, and this is not allowed within rbash: bash: /dev/null: restricted: cannot redirect output Is there some way to get around this (short of modifying Bash)? That…
l0b0
  • 50,672
  • 41
  • 197
  • 360
5
votes
1 answer

Why does "echo os.system('/bin/bash')" work?

I was doing a kind of hacking challenge, a part of which found me stuck inside a restricted shell which had very few commands. One of the available commands was echo. After a few hours of banging my head off the wall, I decided to peak at some…
Totem
  • 1,091
  • 4
  • 13
  • 20
4
votes
1 answer

Why does rbash not apply any restrictions for a login shell on Debian 9 (Stretch)?

I am on Debian 9 (Stretch). I have a deploy user where I've set the shell to /bin/rbash. Here is the line from /etc/passwd: deploy:x:9000:9000::/home/deploy:/bin/rbash If I am the root user, and I run su - deploy or su -l deploy, then it starts…
ndbroadbent
  • 341
  • 2
  • 12
3
votes
2 answers

Make sshd override login shell of a group of users

My users are shared across a number of machines via LDAP. For one of those machines (let's call it 'fileserf'), I would like to restrict some users in what they can do (actually: prevent them from logging into an interactive session via ssh). On the…
umläute
  • 6,300
  • 1
  • 24
  • 48
3
votes
1 answer

Is there an alternative to using rbash to restrict a user on my system?

Basically at the moment I am using rbash to stop a user from leaving his directory on my system. The problem with this is, there is a script in my bin which he needs to be able to run from a script in his bin (it is because I am using screen). The…
user100599
2
votes
0 answers

How to re-enable the `enable` command?

As part of a script to set up a restricted user, I ran the enable -n enable command. For testing purposes I would like to undo that command but I can't find any documentation on how to do so. I know normally I would just run enable enable, but since…
ajmeese7
  • 215
  • 1
  • 10
2
votes
1 answer

Restricted shell rush "invalid uid" error

I am setting up a new local account on a Debian buster server. The account name is "auto-upload". The entry in /etc/passwd looks like this: auto-upload:x:1060:1060:auto-upload:/home/auto-upload:/usr/sbin/rush As you can see I am attempting to use…
rlandster
  • 723
  • 1
  • 8
  • 22
2
votes
1 answer

How can I start a login shell with options?

I am messing around and want to have a guest user whose login shell is a restricted one like rbash. Unfortunately there is no rbash executable anywhere on my Slackware installation, so I have to do bash -r instead. I tried putting this in…
Architect
  • 173
  • 6
2
votes
1 answer

Bash restricted Shell using rbash

I am using /bin/rbash for some users. It's working as expected but there is some hack like when users run bash or dash, then they got unrestricted shells, so to avoid these commands, I have added below functions in their .bashrc files. bash() { echo…
Rahul Patil
  • 24,281
  • 25
  • 80
  • 96
2
votes
1 answer

How can I restrict the normal user to run only limited set of commands in RHEL?

How can I restrict the Normal user to run the only limited set of commands in RHEL?
Manjinder Singh
  • 29
  • 1
  • 4
2
votes
1 answer

NOEXEC and RESTRICT in sudoers

I understand the script below has a serious problem, and NOEXEC and RESTRICT are not enough as a solution to this. user ALL=(ALL) /usr/bin/vim /etc/httpd/confs/httpd.conf However, I still have some confusion with these two options. RESTRICT Due to…
mi0pu
  • 335
  • 1
  • 4
  • 6
1
vote
1 answer

How to restrict users so that they can only execute commands from /bin?

I was provided an assignment with several questions. One of the questions is: How to restrict users can only execute the commands in the directory /bin? I tried to solve it by using the following commands, but they did not work. # useradd -s…
Sangar Tahir
  • 11
  • 1
1
vote
1 answer

How do you install rbash in CentOS 7?

I ran this command: yum install rbash And for some reason it told me that the package wasn't available. It didn't come pre-installed on my system either and when I looked it up I was unable to find anyone else having this issue. So how do you…
chunchunmaru
  • 13
  • 4
1
vote
1 answer

Restrict SFTP user to run only limited set of commands/action in Linux

How to restrict SFTP users to run only limited set of commands/actions. For users connected to shell there is a option to configure restricted shell. Once done user can run only allowed commands. e.g. User1 can only execute cat, touch, more, ls…
Salman Raza
  • 87
  • 2
  • 8
1
2 3