09-09-2009
PATH manipulation
I have a requirement like this:
I have modified versions of certain internal/external commands that I am putting into some directory say /mydir.
All the users will go an authentication check once they log in and based on the outcome there are two possibilities:
1. User passes authentication - No action required.
2. User fails authentication - Any command user executes will be looked upon in /mydir first and if modified version of the command is available there it is
executed else normal command will be executed.
I have taken a simple logical approach to achieve this. Change PATH to PATH=/mydir:$PATH from within /etc/profile. Now I want to restrict the users to
revert back to original path. Is there any way to do this?
Also ideally I don't want users to view this modified PATH and allow them to change the PATH but the change should not take place.
Basically I want to achieve something like this:
1. User logs in - PATH gets changed to new PATH - User issues PATH command - Original PATH is displayed even though actually PATH is changed and new PATH is
in effect.
2. User tries to change PATH - PATH command is executed - user issues “echo $PATH” to verify - he gets modified PATH displayed but actually PATH is not
changed.
I summary I want to change user's PATH but don't want him to know that this has happened.
Is this possible? Ideally I want to achieve what I have described but if it is not at all possible then at least I want to restrict user from executing
PATH command.
Any ideas?
Thanks in advance and look forward know your thoughts on this.
Regards,
Ramesh
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
I have a file with about 60 lines of path:
app-defaults/boxXYZ.......
I want to change this to /my/path/goes/here/app-defaults/boxXYZ, but of course vi doesn't like the regualr :s/old/new/ command.
Is there any other quick way to do this?
Thanks ;) (2 Replies)
Discussion started by: Yinzer955i
2 Replies
2. Shell Programming and Scripting
Hi:
I have a requirement as below:
I have some standard Unix commands modified and kept them in a directory say /usr/clsh/bin. For example I have a script named "ls" kept here which is modified version of "ls" (say it always gives long listing i.e. ls -l).
When any user logs on and types... (2 Replies)
Discussion started by: ramesh_samane
2 Replies
3. UNIX for Advanced & Expert Users
I have a requirement like this:
I have modified versions of certain internal/external commands that I am putting into some directory say /mydir.
All the users will go an authentication check once they log in and based on the outcome there are two possibilities:
1. User passes... (1 Reply)
Discussion started by: ramesh_samane
1 Replies
4. Shell Programming and Scripting
Hi,
I have a file abcd.txt which has contents in the form of full path file names i.e.
$home> vi abcd.txt
/a/b/c/r1.txt
/q/w/e/r2.txt
/z/x/c/r3.txt
Now I want to retrieve only the directory path name for each row
i.e
/a/b/c/
/q/w/e/
How to get the same through shell script?... (7 Replies)
Discussion started by: royzlife
7 Replies
5. Shell Programming and Scripting
Hi All,
Can you please provide some pointers to move files from Base path to multiple paths in efficient way.Folder Structure is already created.
/Path/AdminUser/User1/1111/Reports/aaa.txt to /Path/User1/1111/Reports/aaa.txt
/Path/AdminUser/User1/2222/Reports/bbb.txt to... (6 Replies)
Discussion started by: karthikgv417
6 Replies
6. Shell Programming and Scripting
I want to pattern match only path part from below and replace them with new path string.
LoadModule jk_module /fldrA/fldrBaf/fldrCaa/modules/mod_jk.so
JkWorkersFile /fldrA/fldrBaf/fldrCaa/config/OHS/ohs1/workers.properties
JkLogFile... (4 Replies)
Discussion started by: kchinnam
4 Replies
7. Shell Programming and Scripting
Hi experts,
I have multiple file names ending with .jsp located in $SOME_DIR, $SOME_DIR/f1/,$SOME_DIR/f2/test,$SOME_DIR/f3/fa
and there are equivalent class files in $SOME_DIR/WEB-INF/classes/_pages,$SOME_DIR/WEB-INF/classes/_pages/_f1,... (0 Replies)
Discussion started by: oraclermanpt
0 Replies
8. UNIX for Advanced & Expert Users
Currently I am using this laborious command
lvdisplay | awk '/LV Path/ {p=$3} /LV Name/ {n=$3} /VG Name/ {v=$3} /Block device/ {d=$3; sub(".*:", "/dev/dm-", d); printf "%s\t%s\t%s\n", p, "/dev/mapper/"v"-"n, d}'
Would like to know if there is any shorter method to get this mapping of... (2 Replies)
Discussion started by: royalibrahim
2 Replies
9. UNIX for Beginners Questions & Answers
Hello,
I am creating a file with all the source folders included in my git branch, when i grep for the used source, i found source included as relative path instead of absolute path, how can convert relative path to absolute path without changing directory to that folder and using readlink -f ? ... (4 Replies)
Discussion started by: Sekhar419
4 Replies
10. Programming
i have make file which i try to make them generic
but it keeps to compline it missing include directory
this is the makefile :
CXX=g++
CPPFAGS= -Wall -O0 -g -std=c++14
INCLUDES = -I/home/vagrant/libuv/include -Isrc
LIBS_DIRS = -L/home/vagrant/libuv/build
LDFLAGS=... (7 Replies)
Discussion started by: umen
7 Replies
SMRSH(8) System Manager's Manual SMRSH(8)
NAME
smrsh - restricted shell for sendmail
SYNOPSIS
smrsh -c command
DESCRIPTION
The smrsh program is intended as a replacement for sh for use in the ``prog'' mailer in sendmail(8) configuration files. It sharply limits
the commands that can be run using the ``|program'' syntax of sendmail in order to improve the over all security of your system. Briefly,
even if a ``bad guy'' can get sendmail to run a program without going through an alias or forward file, smrsh limits the set of programs
that he or she can execute.
Briefly, smrsh limits programs to be in a single directory, by default /usr/adm/sm.bin, allowing the system administrator to choose the set
of acceptable commands, and to the shell builtin commands ``exec'', ``exit'', and ``echo''. It also rejects any commands with the charac-
ters ``', `<', `>', `;', `$', `(', `)', `
' (carriage return), or `
' (newline) on the command line to prevent ``end run'' attacks. It
allows ``||'' and ``&&'' to enable commands like: ``"|exec /usr/local/bin/filter || exit 75"''
Initial pathnames on programs are stripped, so forwarding to ``/usr/ucb/vacation'', ``/usr/bin/vacation'', ``/home/server/mydir/bin/vaca-
tion'', and ``vacation'' all actually forward to ``/usr/adm/sm.bin/vacation''.
System administrators should be conservative about populating the sm.bin directory. For example, a reasonable additions is vacation(1),
and the like. No matter how brow-beaten you may be, never include any shell or shell-like program (such as perl(1)) in the sm.bin direc-
tory. Note that this does not restrict the use of shell or perl scripts in the sm.bin directory (using the ``#!'' syntax); it simply dis-
allows execution of arbitrary programs. Also, including mail filtering programs such as procmail(1) is a very bad idea. procmail(1)
allows users to run arbitrary programs in their procmailrc(5).
COMPILATION
Compilation should be trivial on most systems. You may need to use -DSMRSH_PATH="path" to adjust the default search path (defaults to
``/bin:/usr/bin:/usr/ucb'') and/or -DSMRSH_CMDDIR="dir" to change the default program directory (defaults to ``/usr/adm/sm.bin'').
FILES
/usr/adm/sm.bin - default directory for restricted programs on most OSs
/var/adm/sm.bin - directory for restricted programs on HP UX and Solaris
/usr/libexec/sm.bin - directory for restricted programs on FreeBSD (>= 3.3) and DragonFly BSD
SEE ALSO
sendmail(8)
$Date: 2004/08/06 03:55:35 $ SMRSH(8)