Solved

Login Running a Captive Shell Script

Posted on 2004-04-06
7
1,715 Views
Last Modified: 2013-12-27
I have written a shell script (ksh) that allows a user to use a menu selection to nfs mount remote partitions.  I want this shell script to automatically launch when the user logs into a dedicated login, run without the user being able to exit it <ctl c>, and log out when the user selects <exit> from the menu selections.  The login account will have sudoer permission to mount/unmount only.

Should the shell be launched from the .profile?
What needs to be in the shell to prevent a <ctl c>, etc, exit?
Special permissions on the script or the .profile?
Any "how-tos" in case I'm forgetting (to ask) something?

Tips/Comments/Suggestions appreciated!
Thanks.
0
Comment
Question by:dskhunter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 12

Assisted Solution

by:stefan73
stefan73 earned 150 total points
ID: 10765607
Hi dskhunter,
You can trap signals and error conditions in ksh:

trap exit INT TERM HUP TSTP ERR

this will invoke exit for both CTRL-c and CTRL-z, errors, kill, etc.

See "man -s 3HEAD signal" for a list of all signals.



Cheers,
Stefan
0
 
LVL 21

Assisted Solution

by:tfewster
tfewster earned 150 total points
ID: 10765638
The simple, but not foolproof way: At the end of the .profile add the lines:

trap 'echo "Ctrl-C disabled" ' 1 2 3 15
/path/to/menu_script
exit


However, it may be possible for them to ^C out while the .profile is executing, before the trap, so either make the "trap" statement 1st thing in the .profile or alternatively:

Amend their login shell in /etc/passed to be "/path/to/menu_script";  You may need to add this to /etc/shells;  Put the trap and  exit statements in the menu script
0
 
LVL 12

Expert Comment

by:stefan73
ID: 10765743
dskhunter,
Just make sure that the login shell exits as soon as your shell script is finished. You could use .profile for the shell script. Also check that the trap command is the first you call.


Stefan
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 6

Expert Comment

by:durindil
ID: 10769460
The best way to do this is set up an RBAC role, and a profile shell.  Trap the CTL-C inputs, and even if they can break out, they are still in the profile shell, and only have the permissions you assign to them.
0
 
LVL 4

Assisted Solution

by:Otetelisanu
Otetelisanu earned 50 total points
ID: 10772023
With the trap is OK but
you can start your programm
with
exec <program>

look man exec

0
 
LVL 4

Expert Comment

by:Otetelisanu
ID: 10772027
Sory
the exec <program> must be
in the .profile

0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 150 total points
ID: 10776448
write your shell like follows:

#!/bin/ksh
trap myexit 1 2 3 4 5 6 7 8 10 11 12 13 14 15
function myexit
{
  exit 1
}
# your stuff here
exit 0

then simply use this script in /etc/passwd as login shell
I'd never use .profile or alike for this
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question