Solved

Login Running a Captive Shell Script

Posted on 2004-04-06
7
1,728 Views
Last Modified: 2013-12-27
I have written a shell script (ksh) that allows a user to use a menu selection to nfs mount remote partitions.  I want this shell script to automatically launch when the user logs into a dedicated login, run without the user being able to exit it <ctl c>, and log out when the user selects <exit> from the menu selections.  The login account will have sudoer permission to mount/unmount only.

Should the shell be launched from the .profile?
What needs to be in the shell to prevent a <ctl c>, etc, exit?
Special permissions on the script or the .profile?
Any "how-tos" in case I'm forgetting (to ask) something?

Tips/Comments/Suggestions appreciated!
Thanks.
0
Comment
Question by:dskhunter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 12

Assisted Solution

by:stefan73
stefan73 earned 150 total points
ID: 10765607
Hi dskhunter,
You can trap signals and error conditions in ksh:

trap exit INT TERM HUP TSTP ERR

this will invoke exit for both CTRL-c and CTRL-z, errors, kill, etc.

See "man -s 3HEAD signal" for a list of all signals.



Cheers,
Stefan
0
 
LVL 21

Assisted Solution

by:tfewster
tfewster earned 150 total points
ID: 10765638
The simple, but not foolproof way: At the end of the .profile add the lines:

trap 'echo "Ctrl-C disabled" ' 1 2 3 15
/path/to/menu_script
exit


However, it may be possible for them to ^C out while the .profile is executing, before the trap, so either make the "trap" statement 1st thing in the .profile or alternatively:

Amend their login shell in /etc/passed to be "/path/to/menu_script";  You may need to add this to /etc/shells;  Put the trap and  exit statements in the menu script
0
 
LVL 12

Expert Comment

by:stefan73
ID: 10765743
dskhunter,
Just make sure that the login shell exits as soon as your shell script is finished. You could use .profile for the shell script. Also check that the trap command is the first you call.


Stefan
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 6

Expert Comment

by:durindil
ID: 10769460
The best way to do this is set up an RBAC role, and a profile shell.  Trap the CTL-C inputs, and even if they can break out, they are still in the profile shell, and only have the permissions you assign to them.
0
 
LVL 4

Assisted Solution

by:Otetelisanu
Otetelisanu earned 50 total points
ID: 10772023
With the trap is OK but
you can start your programm
with
exec <program>

look man exec

0
 
LVL 4

Expert Comment

by:Otetelisanu
ID: 10772027
Sory
the exec <program> must be
in the .profile

0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 150 total points
ID: 10776448
write your shell like follows:

#!/bin/ksh
trap myexit 1 2 3 4 5 6 7 8 10 11 12 13 14 15
function myexit
{
  exit 1
}
# your stuff here
exit 0

then simply use this script in /etc/passwd as login shell
I'd never use .profile or alike for this
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question