HPE Community
Operating System - HP-UX
1834485 Members
3297 Online
110067 Solutions
New Discussion

Re: osh - The Operator Shell

 
A. Daniel King_1
Super Advisor

‎05-15-2002 02:50 PM

‎05-15-2002 02:50 PM

osh - The Operator Shell

Does anyone here know of an alternative to osh - the operator shell? It is similar to sudo, but it allows access as a shell. It seems that this project died some time back, but the concept has some value.

http://www.engarde.com/~mcn/osh.html

I've tried subbing to the mailing list (dead), and I was wondering if anyone here had tried this under HP-UX 11.0. I've got it compiled using gcc 3.0.4, but it seems a bit buggy - even after specifying commands in the allowed-execution table, the commands remain unavailable.

$./osh
A. Daniel King (dking)
Operator Shell version 1.7
myhost.dking (/usr/local/src/osh) #> ls
/bin/sh: /usr/bin/ls: Execute permission denied.

table:
dking
{
ls /usr/bin/ls
exit NULL
}

It would be great if there were a way to allow roaming, shell-type access to our system - without the ability to destroy things. Is there an alternative? A fix? An active user community?
Command-Line Junkie
0 Kudos
Reply
4 REPLIES 4
Tom Geudens
Honored Contributor

‎05-15-2002 08:39 PM

‎05-15-2002 08:39 PM

Re: osh - The Operator Shell

Hi,
I had a look at this some time ago ... but I'm afraid the project is dead :-(. The alternative is creating a "chrooted" (jail) environment yourself, but that is VERY timeconsuming (in my opinion). In our environment we use a very strict sudo (specific commands for specific users) ... which is (again in my opinion) the best "low cost / low effort / best results"-solution.

Regards,
Tom
A life ? Cool ! Where can I download one of those from ?
0 Kudos
Reply
Steve Steel
Honored Contributor

‎05-15-2002 11:09 PM

‎05-15-2002 11:09 PM

Re: osh - The Operator Shell

Hi

Look at

http://hpux.cs.utah.edu/hppd/hpux/Shells/osh-1.7/


Get there by
www.software.hp.com
public domain software
search on osh


Steve steel
If you want truly to understand something, try to change it. (Kurt Lewin)
0 Kudos
Reply
A. Daniel King_1
Super Advisor

‎05-16-2002 06:45 AM

‎05-16-2002 06:45 AM

Re: osh - The Operator Shell

I've got sudo up and going - it works well.

However, osh would provide the ability to do something like:

>cd /home/dking
>ls

I can get the cd to work, but the ls is dying. I've been looking at the code, and I think the issue has something to do with the way execv() is called.

Perhaps there are some further examples of the access/execute table - specifically for HP-UX?

Or perhaps there exists a shell-type wrapper for sudo?
Command-Line Junkie
0 Kudos
Reply
A. Daniel King_1
Super Advisor

‎05-16-2002 07:45 AM

‎05-16-2002 07:45 AM

Re: osh - The Operator Shell

Perhaps I'm looking at this the wrong way. Is there a way to allow read access to the entire system, but not to change anything?
Command-Line Junkie
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.