Re: Create my own shell? SOLVED
Many thanks to all people of this mailing list for all the replies. Finally, I have edited the files I've downloaded from http://mongers.org/gw_menu and make my own shell. Thanks ;) El Lunes, 25 de Julio de 2005 21:03, escribis: On 2005-07-25 16:01:49 +0200, Abel Talaversn Estevez wrote: I need to create a particular but simple shell for a firewall running OpenBSD 3.6. The idea is create a user whose shell is a very limited one. This shell or command line interpreter (CLI) must have permissions only in the home directory. How could I do this? Any ideas? Editing the source code of sh?, for example. Make my own cli? http://mongers.org/gw_menu But that might be too restricted for you. Have a nice day Morten -- Abel Talaversn Estevez Ingeniero Superior de Telecomunicaciones Analista de Proyectos OpenWired, S.L. C/ Caballero, 87 - 08029 - Barcelona (Spain) Tel (+34) 93/410 75 70 - Fax (+34) 93/419 45 91
Re: Create my own shell? SOLVED
:-) What about ctrl-Z, does that secure gateway menu script ignore that too? 2005/7/27, Abel Talaversn Estevez [EMAIL PROTECTED]: Many thanks to all people of this mailing list for all the replies. Finally, I have edited the files I've downloaded from http://mongers.org/gw_menu and make my own shell. Thanks ;) El Lunes, 25 de Julio de 2005 21:03, escribis: On 2005-07-25 16:01:49 +0200, Abel Talaversn Estevez wrote: I need to create a particular but simple shell for a firewall running OpenBSD 3.6. The idea is create a user whose shell is a very limited one. This shell or command line interpreter (CLI) must have permissions only in the home directory. How could I do this? Any ideas? Editing the source code of sh?, for example. Make my own cli? http://mongers.org/gw_menu But that might be too restricted for you.
Re: Create my own shell? SOLVED
Or if a user presses ctrl-C before the trap command is executed? 2005/7/27, Alexander Farber [EMAIL PROTECTED]: :-) What about ctrl-Z, does that secure gateway menu script ignore that too? 2005/7/27, Abel Talaversn Estevez [EMAIL PROTECTED]: http://mongers.org/gw_menu
Re: Create my own shell? SOLVED
On Wed, 27 Jul 2005 15:46:00 +0200 Alexander Farber [EMAIL PROTECTED] wrote: Or if a user presses ctrl-C before the trap command is executed? 2005/7/27, Alexander Farber [EMAIL PROTECTED]: :-) What about ctrl-Z, does that secure gateway menu script ignore that too? 2005/7/27, Abel Talaversn Estevez [EMAIL PROTECTED]: http://mongers.org/gw_menu Mmh ... Instead of being a smartmouth, you should think a little about what would really happen and not make assumptions based on nothing. let's make the assumption that trap was not even called. If a user presses ctrl-c the script will exit, closing the user's session. What did you expect it to do ? Spawn a shell from nothing ? -- chaton@
Re: Create my own shell? SOLVED
With Ctrl-c the shell doesn't finish. The shell file is showed here: #!/bin/sh # $Id: menu,v 1.5 2004/05/20 12:15:57 holsta Exp $ # # Menu wrapper for FireWired. Ctrl-C is ignored and user input is never # passed to the command line. PATH=$HOME/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/games:. export PATH HOME TERM umask 077 HELP=/home/console/menu.help GREETING=/home/console/menu.greeting trap 2 grep -v ^# $GREETING while true do echo FireWired \c if read line then case $line in ) continue;; esac set -- $line case $1 in CASAV.bash) CASAV.bash;; CAcceso.bash) CAcceso.bash;; CActivarPolitica.sh)CActivarPolitica.sh;; CAnadirFiltroProxy.sh) CAnadirFiltroProxy.sh;; CAnadirPuertoProxy.sh) CAnadirPuertoProxy.sh;; CAnadirRedProxy.sh) CAnadirRedProxy.sh;; CApaga.sh) CApaga.sh;; CAplicarRFPProxy.sh)CAplicarRFPProxy.sh;; CAyuda.sh) CAyuda.sh;; CBorrarEncam.sh)CBorrarEncam.sh;; CBorrarEstad.sh)CBorrarEstad.sh;; CBorrarFiltroProxy.sh) CBorrarFiltroProxy.sh;; CBorrarObjeto.bash) CBorrarObjeto.bash;; CBorrarPolitica.sh) CBorrarPolitica.sh;; CBorrarPuertoProxy.sh) CBorrarPuertoProxy.sh;; CBorrarRedProxy.sh) CBorrarRedProxy.sh;; CBorrarRegla.bash) CBorrarRegla.bash;; CBorrarReglaBINAT.bash) CBorrarReglaBINAT.bash;; CBorrarReglaNAT.bash) CBorrarReglaNAT.bash;; CBorrarReglaPF.bash)CBorrarReglaPF.bash;; CBorrarReglaRDR.bash) CBorrarReglaRDR.bash;; CBorrarReglaVPN.bash) CBorrarReglaVPN.bash;; CBorrarRuta.bash) CBorrarRuta.bash;; CBridges.bash) CBridges.bash;; CConfFabrica.sh)CConfFabrica.sh;; CConsola.bash) CConsola.bash;; CCrearObjeto.bash) CCrearObjeto.bash;; CCrearPolitica.bash)CCrearPolitica.bash;; CCrearReglaBINAT.bash) CCrearReglaBINAT.bash;; CCrearReglaNAT.bash)CCrearReglaNAT.bash;; CCrearReglaPF.bash) CCrearReglaPF.bash;; CCrearReglaRDR.bash)CCrearReglaRDR.bash;; CCrearReglaVPN.bash)CCrearReglaVPN.bash;; CCrearRuta.bash)CCrearRuta.bash;; CDNS.sh)CDNS.sh;; CDepurar.sh)CDepurar.sh;; CDesactivarPolitica.sh) CDesactivarPolitica.sh;; CGW.sh) CGW.sh;; CInterfacesIP.bash) CInterfacesIP.bash;; CListaObj.sh) CListaObj.sh;; CLogout.sh) CLogout.sh;; CManuales.sh) CManuales.sh;; CModificarObjeto.bash) CModificarObjeto.bash;; CModificarReglaBINAT.bash) CModificarReglaBINAT.bash;; CModificarReglaNAT.bash)CModificarReglaNAT.bash;; CModificarReglaPF.bash) CModificarReglaPF.bash;; CModificarReglaRDR.bash)CModificarReglaRDR.bash;; CModificarReglaVPN.bash)CModificarReglaVPN.bash;; CMostrarPolActiva.sh) CMostrarPolActiva.sh;; CMostrarPoliticas.sh) CMostrarPoliticas.sh;; CMostrarPoliticasUser.sh) CMostrarPoliticasUser.sh;; CMostrarReglas.sh) CMostrarReglas.sh;; CMostrarReglasBINAT.sh) CMostrarReglasBINAT.sh;; CMostrarReglasNAT.sh) CMostrarReglasNAT.sh;; CMostrarReglasPF.sh)CMostrarReglasPF.sh;; CMostrarReglasRDR.sh) CMostrarReglasRDR.sh;; CMostrarReglasVPN.sh) CMostrarReglasVPN.sh;; CMoverReglaPF.bash) CMoverReglaPF.bash;; CMoverReglaVPN.bash)CMoverReglaVPN.bash;; CPassword.sh) CPassword.sh;; CPing.sh) CPing.sh;; CProxy.sh) CProxy.sh;; CProxyFtp.sh) CProxyFtp.sh;; CProxyTransp.sh)CProxyTransp.sh;; CReboot.sh) CReboot.sh;; CReloj.sh) CReloj.sh;; CSMTP.bash) CSMTP.bash;; CSsh.sh)CSsh.sh;; CTraceroute.sh) CTraceroute.sh;; CVPN.bash) CVPN.bash;; CVPNAnadirSucursal.bash)CVPNAnadirSucursal.bash;; CVPNClientes.bash)
Re: Create my own shell? SOLVED
Yes, maybe you're right. I've tried sneaking past if read line (a backslash newline would make it take more lines) and set -- $line (tried semiclons, redirections and backticks) and if match=`grep ^$1$ $HOSTS` ; then ssh $match ( . would match a buildhost ) and echo Unknown command or host: $line. ( tried \characters ) But didn't manage to break it :-) Yet!! Regards Alex 2005/7/27, chaton [EMAIL PROTECTED]: On Wed, 27 Jul 2005 15:46:00 +0200 Alexander Farber [EMAIL PROTECTED] wrote: Or if a user presses ctrl-C before the trap command is executed? 2005/7/27, Alexander Farber [EMAIL PROTECTED]: :-) What about ctrl-Z, does that secure gateway menu script ignore that too? 2005/7/27, Abel Talaversn Estevez [EMAIL PROTECTED]: http://mongers.org/gw_menu Mmh ... Instead of being a smartmouth, you should think a little about what would really happen and not make assumptions based on nothing. let's make the assumption that trap was not even called. If a user presses ctrl-c the script will exit, closing the user's session. What did you expect it to do ? Spawn a shell from nothing ? -- chaton@
Re: Create my own shell? SOLVED
On Wed, 27 Jul 2005 16:27:32 +0200 Abel Talaversn Estevez [EMAIL PROTECTED] wrote: With Ctrl-c the shell doesn't finish. The shell file is showed here: [...] That was my point.