How to set a non-login non-interactive shell for a user?

 
Thread Tools Search this Thread
Homework and Emergencies Homework & Coursework Questions How to set a non-login non-interactive shell for a user?
# 1  
Old 12-28-2014
How to set a non-login non-interactive shell for a user?

I am sorry for creating a new topic after my previous inquiry was closed, but I tried and tried and I do not know how to edit my previous post. This is not exactly any homework, this is one of 40 questions we were expected to prepare for one of the labs. I searched and read what I could and still do not know the answer to this problem.

1. The problem statement, all variables and given/known data:
I am a root in a Unix system. My shell is bash.


2. Relevant commands, code, scripts, algorithms:
How to set for a certain user:
* a non-login interactive shell,
* a login, non-interactive shell,
* a non-login, non-interactive shell.


3. The attempts at a solution (include all code and scripts):
I read everything I could find, I only found information which files are read by different types of shells. I cannot find anywhere how to change a shell for a user to make it:
- noninteractive and non-login,
- non-interactive and login,
- interactive and non-login.

What I know:
I can use useradd or adduser with -s option to set a certain shell, but I do not know what to write after this option.
I know that I can edit /etc/passwd file and for a certain user change the last column to /bin/non-login. I do not know what shell version I get if I do it. It will be non-login allright but interactive or non-interactive?


4. Complete Name of School (University), City (State), Country, Name of Professor, and Course Number (Link to Course):
name: Akademia Górniczo-Hutnicza w Krakowie
city: Cracow
country: Poland,
Name of Professor: Grzegorz Nalepa, Krzysztof Kluza

Link to the course (I was not allowed by some mechanism on this website to post any URLs but I am required to do so by the formular therefore I re-wrote the link to the course that the site does recognise that it is a URL: [eidz ti ti pi colon slash slash ai dot ia dot agh dot edu dot pl slash wiki slash pl colon dydaktyka colon unix colon start ]

We do not use numbers for the courses so I cannot provide any course number. It is called Introduction to Unix (Wstęp do systemów Unix).
# 2  
Old 12-29-2014
While I've some difficulty understanding the problem (item 2. in post #1), let me try to clarify some things:
On a system, you have login users (A) and non-login users (B). And, you have interactive (C) and non-interactive (D) access.
Combinations:
A+C is the normal user, logged in via a terminal (his interaction tool).
A+D can be a background process run by a logged in user, supplying the -l option to e.g. bash.
B+C would be an interactive shell run as a subprocess / subshell by an application.
B+D could be a service or a daemon started at boot time and running under a B user.

The command /usr/sbin/nologin (/bin/non-login I do not know about) is NOT a shell, but it prevents the respective user to log in.
Shells are command line interpreters (CLI) that enable the user to interact with the system. If your system has /ets/shells, list that to see some available shells:
Code:
linux:
/bin/sh
/bin/dash
/bin/bash
/bin/rbash
or (Free)BSD:
/bin/csh
/bin/tcsh
/usr/local/bin/bash
/usr/local/bin/rbash

These 2 Users Gave Thanks to RudiC For This Post:
# 3  
Old 12-29-2014
About how to create or change such a user, you can read into:
Code:
man useradd
man usermod

hth
# 4  
Old 12-29-2014
So If I understand correctly I cannot change a certain user's shell to non-interactive and/or no-login one. The only thing I can do is to change its shell to /etc/nologin to prevent this user's logging-in. So this is why I could not find the answer to my problem anywhere - such an answer does not exist Smilie.
My homework question was about using chsh command in the non-interactive mode (Can one use chsh command in the non-interactive mode?).. I thought it was about setting a certain's user shell to a non-interactive mode. I see now that I was wrong in understanding this question. Thank you so much for making me see this/
# 5  
Old 12-29-2014
Ok... it gets sort of shell specific. Shells will source in certain files if the are "interactive".... however, some shell allow you to override that... With that said, often time trying to override it will break things... so for example if somebody does:

Code:
ssh noninteractiveuser@somemachine.com sh -i

Which is fairly generic and pretty portable... you'd get this weird pseudotty-less interactive session on the remote host. It may error, and of course, it won't work like a true interactive shell... and note, other things won't work right without a tty.... so it's "ok" and a common hackers way to get an almost interactive session going.

But... since Linux has effectively stomped Unix into the ground, we can assume that all shells are bash nowadays :-). If so, the shell variable dash (e.g. $-) will contain attributes enabled on the shell... if it contains an "i" then the shell is interactive. So, in the case of our hack attempt above, you won't get an "i" in the string returned.

So... can you set a user up as a non-interactive user? I hope you can see the answer is yes and if using bash, you may even be able to circumvent typical ways of getting around it (but probably not every way).

The rest is left as an exercise for the reader.... can't give you all the answers!!

---------- Post updated at 04:05 PM ---------- Previous update was at 03:56 PM ----------

I'm feeling generous...

Put this into the .bashrc of the user:

Code:
echo "$-" | grep 'i' && exit 0

---------- Post updated at 04:14 PM ---------- Previous update was at 04:05 PM ----------

aack... it's buggy... not well thought out... the sh -i trick works against it. But anyway, probably will lead you to a solution.

---------- Post updated at 04:28 PM ---------- Previous update was at 04:14 PM ----------

Ok... scrap class... anyone know of a way to circumvent ssh ... sh -i and make that not work? I smell a vulnerability in bash.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Recording user input from interactive shell script

Hello, I want to start out by saying that I am fairly new to scripting and am looking for someone that can point me in the right direction. Basically what I need is a way to run a interactive script that will prompt users with questions weather that be yes/no or a specific answer.. I want to be... (3 Replies)
Discussion started by: shoutcast
3 Replies

2. UNIX for Beginners Questions & Answers

Non-interactive & non-login shell environment?

Hello and thanks in advance for any help anyone can offer to straighten me out on this subject I'm trying to understand non-interactive & non-login shells and having a hard time conceptualize the process a non-interactive & non-login shell goes through to start up. Particularly for background... (7 Replies)
Discussion started by: bodisha
7 Replies

3. Homework & Coursework Questions

How to set for a user a non-login shell?

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: I am a root in a Unix system. My shell is bash. 2. Relevant commands, code, scripts, algorithms: How to set... (1 Reply)
Discussion started by: me_me_me
1 Replies

4. Solaris

HOW to set unlimited login attempts for user in Solaris?

Hi Admins, HOW to set unlimited login attempts for user in Solaris ? And do I need to insatll any packages before doing this? Thanks. (1 Reply)
Discussion started by: manalisharmabe
1 Replies

5. Shell Programming and Scripting

How to Login as another user through Shell script from current user[Not Root]

Hi Every body, I would need a shell script program to login as different user and perform some copy commands in the script. example: Supppose ora_toms is the active user ora_toms should be able to run a script where user: ftptomsp pass: XXX should login through and run the commands ... (9 Replies)
Discussion started by: ujjwal27
9 Replies

6. UNIX for Dummies Questions & Answers

What is login and interactive shell?

Hi Guys, Excuse if am asking silly Que ... :rolleyes: Please explain me whats difference between login and interactive shell in Linux .. Have googled but still in doubt .. :confused: --Shirish Shukla (4 Replies)
Discussion started by: Shirishlnx
4 Replies

7. UNIX for Dummies Questions & Answers

$USER is not set in remsh but works fine via ssh login

1) ssh a@b echo $USER it display the correct value as a (even though i have not defined it in .profile) 2) remsh b -l a echo $USER it does not display the value as a (variable is not set any idea why $USER variable is not initialized when i login via remsh or rlogin but shows the... (10 Replies)
Discussion started by: reldb
10 Replies

8. Homework & Coursework Questions

Help with Interactive / Non Interactive Shell script

Q. Write a script that behaves both in interactive and non interactive mode. When no arguments are supplied it picks up each C program from the directory and prints first 10 lines. It then prompts for deletion of the file. If user supplies arguments with the script , then it works on those files... (1 Reply)
Discussion started by: rits
1 Replies

9. Shell Programming and Scripting

how to write a shell script to login to a system which is interactive.

Can anybody help me to write a shell script to login interactive system once u open a connection using telnet it will ask for USERCODE: PASSWORD: DOMAIN: (1 Reply)
Discussion started by: sudhakaryadav
1 Replies

10. Shell Programming and Scripting

How to hide user inputted text for interactive unix shell script?

Hi everybody, Do you know how to hide the text for interactive unix shell script? Just like the case for inputting password during logon. Patrick (1 Reply)
Discussion started by: patrickpang
1 Replies
Login or Register to Ask a Question