Operating System - HP-UX
1839241 Members
2344 Online
110137 Solutions
New Discussion

Re: Restricted shell and read access

 
pratham
Occasional Contributor

Restricted shell and read access

How can i give user read access when that particular user has restricted shell?
User cannot do cd to that particular path
5 REPLIES 5
Wouter Jagers
Honored Contributor

Re: Restricted shell and read access

In order to be able to cd to a particular path, the user should have execute permission on the directory.

Cheers,
Wout

an engineer's aim in a discussion is not to persuade, but to clarify.
Peter Godron
Honored Contributor

Re: Restricted shell and read access

Hi,
either you copy the file for the user
or
re-create the cd command for the user, as (by JRF):
"The restricted shell environment presumes that the commands you want a user to be able to execute are available in his/her PATH. In particular, a user cannot specify a command with '/' at its beginning, 'cd' to a directory; nor can they set their PATH variable."
or
remove the user from the restricted shell into a 'normal' shell.

Please also read:
http://forums1.itrc.hp.com/service/forums/helptips.do?#33 on how to reward any useful answers given to your questions.


Wouter Jagers
Honored Contributor

Re: Restricted shell and read access

*cough* sorry.. restricted shell. Read/posted too speedily. My apologies.
an engineer's aim in a discussion is not to persuade, but to clarify.
Bill Hassell
Honored Contributor

Re: Restricted shell and read access

Restricted shell (ie, rksh or rsh) means that the user has a different / or root directory. When the user logs in, the restricted shell runs chroot (see man page) to change the user's root directory to their $HOME directory. Therefore, nothing outside of the $HOME directory is visible and therefore impossible to access.

That is one of the reasons the restricted shell is not used a lot -- it is too restrictive. The only workaround is to replace the user's shell with a script that has a menu. The menu limits the commands allowed for each user and prevents exiting to a shell prompt.


Bill Hassell, sysadmin
John Kittel
Trusted Contributor

Re: Restricted shell and read access

It is not necessary to cd to a directory to be able to read a file there.

$ cd /tmp
rsh: cd: The operation is not allowed in a restricted shell.
$ ll /tmp/hello
-rw-rw-rw- 1 root sys 16 Feb 23 08:59 /tmp/hello
$ cat /tmp/hello
Hell, Oh World!
$