HPE Community
Operating System - HP-UX
1833016 Members
2672 Online
110048 Solutions
New Discussion

/usr/bin/rsh

 
SOLVED
Go to solution
Carme Torca
Super Advisor

‎08-13-2003 03:29 AM

‎08-13-2003 03:29 AM

/usr/bin/rsh

Hi,

I want to restrict one user in one shell. If I put the shell /usr/bin/rsh I cannot do the command "cd". I have prove to put de binary in the user's home but it doesn't work. Is there any way to have the command "cd" with a shell /usr/bin/rsh?

Thanks!
Carme.
Users are not too bad ;-)
0 Kudos
Reply
4 REPLIES 4
Chris Wilshaw
Honored Contributor

‎08-13-2003 03:38 AM

‎08-13-2003 03:38 AM

Solution

Re: /usr/bin/rsh

The rsh/rksh shells do not support the use of the cd command.

If you need to have some kind of restriction on your users to prevent them from using other commands, try the following;

Set the user to use /usr/bin/sh (or other shell)

add the line

ENV=$HOME/.kshrc

to /etc/profile. This will allow you to set up (and disable) features for them in a controlled manner.

Then in their home directory, add aliases to the .kshrc file, for example

alias su=/usr/bin/true

This will override the su command, making the user run /usr/bin/true instead, which will then just return immediately to the shell prompt.
Reply
Nat Guyton
Advisor

‎08-13-2003 01:38 PM

‎08-13-2003 01:38 PM

Re: /usr/bin/rsh

Not if the user runs "\su"... it will ignore the alias.
Never underestimate the bandwidth of a station wagon filled with backup tapes
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎08-13-2003 04:54 PM

‎08-13-2003 04:54 PM

Re: /usr/bin/rsh

The rsh shell is designed to be extremely limited by design. If you want to provide certain commands (like /usr/bin/vi) then you have to copy them (plus their required libraries) to each user's $HOME directory in an expected manner. This can be quite a large task since the rsh shell has so little in it. You may be better off providing the problem users with a menu program and take away shell access completely.


Bill Hassell, sysadmin
0 Kudos
Reply
Nat Guyton
Advisor

‎08-14-2003 07:55 AM

‎08-14-2003 07:55 AM

Re: /usr/bin/rsh

I've seen cases where a directory /usr/local/rbin was set up, and links to any required binaries put here, then set /usr/local/rbin as the only directory in the user's path.

You could then link /usr/bin/cd and whatever else. Obviously don't put an editor in there, because then the user can change their setup scripts to get around many of the rsh and rksh restrictions...
Never underestimate the bandwidth of a station wagon filled with backup tapes
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.