0

I have set up some test account to beta implement rbash to limit users from doing to much on the server. Currently I am using .bash_profile to set bash -r for these profiles. But when a user types exit they drop into the normal bash shell.

I would like to make it so when they type exit to logoff the server. Otherwise bash -r won't help restrict that access.

Please let me know any thought you have.

Falcon Momot
  • 25,244
  • 15
  • 63
  • 92
user2821177
  • 11
  • 2

3 Answers3

1

Set the users' login shell to rbash via the -s option of useradd or usermod, eg.

usermod -s /bin/rbash luser

if your rbash executable is at /bin/rbash.

Tilman Schmidt
  • 4,101
  • 12
  • 27
  • When I user `usermod -s rbash test` login dose not work. it updates the `/etc/passwd file to test:x:uid:gid::home/test:rbash` I need to update it back to `/bin/bash` to allow login. – user2821177 Nov 23 '15 at 23:43
  • 1
    Try giving the correct path to rbash in the `-s` option. Hint: `-s bash` wouldn't work either. If it still doesn't work, try to provide a proper problem description. Hint: "does not work" isn't one. – Tilman Schmidt Nov 23 '15 at 23:57
1

The exact answer to your question is to

exec bash -r

That will replace the login shell with rbash, not simply launch a child process..

The best answer is to change the user's login shell.

glenn jackman
  • 4,630
  • 1
  • 17
  • 20
0

Here is the fix for /bin/bash not showing up then do the 

sudo ln -s /bin/bash /bin/rbash
sudo bash -c ‘echo “/bin/rbash” >> /etc/shells’
sudo chsh -s /bin/rbash ruser

then do this to change the user shell

chsh -s /bin/rbash test
user2821177
  • 11
  • 2