HPE Community
Operating System - HP-UX
1752754 Members
5600 Online
108789 Solutions
New Discussion юеВ

Re: Force /sbin/sh to act as a login shell

 
SOLVED
Go to solution
Richard Ross
Regular Advisor

тАО05-31-2006 01:32 PM

тАО05-31-2006 01:32 PM

Force /sbin/sh to act as a login shell

We're doing something convoluted ;-)

We're forcing a script (needs to run on other unix platforms) to run during ssh key authentication via the ssh option 'command=' which is attached to a public key in authorized_keys2.

The purpose of the command= option is to force a command to a particular key and to exit .. But we want to use this command to record whose public key is being used to login to the userid. If a command (SSH_ORIGINAL_COMMAND) was passed along with the ssh command, then the command is read, evaluated then the script exits. But, if SSH_ORIGINAL_COMMAND was not passed, then we want the person to login normally. Now with BASH, we can use the '-l' parm to simulate a login shell. /sbin/sh does not have this capability. Does anyone know how I can start /bin/sh so that /etc/profile /home/~HOME/.profile gets executed?

This is for the root userid, so /sbin/sh is required

This is part of the code .. Obviously, the HP-UX piece isn't working ;-)

if [ "${SSH_ORIGINAL_COMMAND}" ]
then
logger $myProg: ${1} from ${SSH_CLIENT%% *} ran COMMAND: "${SSH_ORIGINAL_COMMAND%% *}" as $LOGNAME using ssh
eval ${SSH_ORIGINAL_COMMAND}
else
logger $myProg: ${1} from ${SSH_CLIENT%% *} logged in as $LOGNAME using ssh
cat /etc/motd
echo "${1} from ${SSH_CLIENT%% *} is loggin in as $LOGNAME"
if [[ $myOS = "HP-UX" ]]; then
. ./.profile
. ./.kshrc
exec /sbin/sh
elif [[ $myOS = "Linux" ]]; then
exec /bin/bash -l
else
exec /usr/bin/bash -l
fi

Thanks for any pointers
Richard
0 Kudos
Reply
7 REPLIES 7
Olivier Masse
Honored Contributor

тАО05-31-2006 02:02 PM

тАО05-31-2006 02:02 PM

Re: Force /sbin/sh to act as a login shell

I'm telling this out of my head, I don't have access to an HP-UX this evening to check it out.

For sh or ksh to be a started as a login shell, they must be invoked as "-sh" or "-ksh". If you do a ps -ef, you'll see that login shells should be started that way. But as far as I remember, there is no way to do this directly from the shell or a script, even a symlink won't work. In the past, to do this I found a way by writing a wrapper in C that just ran exec() with -sh as the process name.

Here is a trimmed down snippet that explains how to do it:
execlp("/bin/sh", "-sh", (char *) 0)

So in your case you put this wrapper in your script to invoke a honest-to-goodness sh as a login shell.

This may be way overkill, but it worked for me. If you nobody else finds a solution, write back and I'll be able to give you a workable snippet tomorrow.

Olivier
Reply
curt larson_1
Honored Contributor

тАО05-31-2006 02:13 PM

тАО05-31-2006 02:13 PM

Re: Force /sbin/sh to act as a login shell

from the manual

If the shell is invoked by an exec*() system call and the first character of argument zero (shell parameter 0) is dash (-), the shell is assumed to be a login shell and commands are read first from /etc/profile, then from either .profile in the current directory or $HOME/.profile if either file exists, and finally from the file named by performing parameter substitution on the value of the environment parameter ENV, if the file exists.

so somewhere along the login process, login or another executable is doing an exec () system call to start the shell.

your shell command exec does an exec system call.

maybe from the above poster's information and the exec () system call manual page, you can put together an exec command that will do what you desire
0 Kudos
Reply
curt larson_1
Honored Contributor

тАО05-31-2006 02:28 PM

тАО05-31-2006 02:28 PM

Re: Force /sbin/sh to act as a login shell

you could try doing using the one line perl program: exec '/sbin/sh' '-sh';

but i don't know if that will work the way you want it to in single user mode but then ssh probably isn't either
Reply
curt larson_1
Honored Contributor

тАО05-31-2006 02:36 PM

тАО05-31-2006 02:36 PM

Re: Force /sbin/sh to act as a login shell

just try the same thing in your shell and see if it work:
exex /sbin/sh -sh
0 Kudos
Reply
Richard Ross
Regular Advisor

тАО06-01-2006 12:08 PM

тАО06-01-2006 12:08 PM

Re: Force /sbin/sh to act as a login shell

Curt/Olivier

Thanks for your input ..

Curt, The script didn't work as well as the Perl example and Olivier, Not a C person.

I think the easiest way to get around this is to install bash, and just call 'bash -l', but I would still be interested if the Perl wrapper would work.

Thanks again



0 Kudos
Reply
curt larson_1
Honored Contributor

тАО06-01-2006 02:23 PM

тАО06-01-2006 02:23 PM

Solution

Re: Force /sbin/sh to act as a login shell

from http://perldoc.perl.org/functions/exec.html

here are the two example they have

$shell = '/bin/csh';
exec $shell '-sh';

and

exec {'/bin/csh'} '-sh';
Reply
Richard Ross
Regular Advisor

тАО06-01-2006 11:29 PM

тАО06-01-2006 11:29 PM

Re: Force /sbin/sh to act as a login shell

Curt .. Thanks .. appreciate the follow up
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.