Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to set a non-login non-interactive shell for a user?
Homework and Emergencies Homework & Coursework Questions How to set a non-login non-interactive shell for a user? Post 302929992 by RudiC on Monday 29th of December 2014 10:45:29 AM
Old 12-29-2014
While I've some difficulty understanding the problem (item 2. in post #1), let me try to clarify some things:
On a system, you have login users (A) and non-login users (B). And, you have interactive (C) and non-interactive (D) access.
Combinations:
A+C is the normal user, logged in via a terminal (his interaction tool).
A+D can be a background process run by a logged in user, supplying the -l option to e.g. bash.
B+C would be an interactive shell run as a subprocess / subshell by an application.
B+D could be a service or a daemon started at boot time and running under a B user.

The command /usr/sbin/nologin (/bin/non-login I do not know about) is NOT a shell, but it prevents the respective user to log in.
Shells are command line interpreters (CLI) that enable the user to interact with the system. If your system has /ets/shells, list that to see some available shells:
Code:
linux:
/bin/sh
/bin/dash
/bin/bash
/bin/rbash
or (Free)BSD:
/bin/csh
/bin/tcsh
/usr/local/bin/bash
/usr/local/bin/rbash

These 2 Users Gave Thanks to RudiC For This Post:
me_me_me RavinderSingh13
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

How to hide user inputted text for interactive unix shell script?

Hi everybody, Do you know how to hide the text for interactive unix shell script? Just like the case for inputting password during logon. Patrick (1 Reply)
Discussion started by: patrickpang
1 Replies

2. Shell Programming and Scripting

how to write a shell script to login to a system which is interactive.

Can anybody help me to write a shell script to login interactive system once u open a connection using telnet it will ask for USERCODE: PASSWORD: DOMAIN: (1 Reply)
Discussion started by: sudhakaryadav
1 Replies

3. Homework & Coursework Questions

Help with Interactive / Non Interactive Shell script

Q. Write a script that behaves both in interactive and non interactive mode. When no arguments are supplied it picks up each C program from the directory and prints first 10 lines. It then prompts for deletion of the file. If user supplies arguments with the script , then it works on those files... (1 Reply)
Discussion started by: rits
1 Replies

4. UNIX for Dummies Questions & Answers

$USER is not set in remsh but works fine via ssh login

1) ssh a@b echo $USER it display the correct value as a (even though i have not defined it in .profile) 2) remsh b -l a echo $USER it does not display the value as a (variable is not set any idea why $USER variable is not initialized when i login via remsh or rlogin but shows the... (10 Replies)
Discussion started by: reldb
10 Replies

5. UNIX for Dummies Questions & Answers

What is login and interactive shell?

Hi Guys, Excuse if am asking silly Que ... :rolleyes: Please explain me whats difference between login and interactive shell in Linux .. Have googled but still in doubt .. :confused: --Shirish Shukla (4 Replies)
Discussion started by: Shirishlnx
4 Replies

6. Shell Programming and Scripting

How to Login as another user through Shell script from current user[Not Root]

Hi Every body, I would need a shell script program to login as different user and perform some copy commands in the script. example: Supppose ora_toms is the active user ora_toms should be able to run a script where user: ftptomsp pass: XXX should login through and run the commands ... (9 Replies)
Discussion started by: ujjwal27
9 Replies

7. Solaris

HOW to set unlimited login attempts for user in Solaris?

Hi Admins, HOW to set unlimited login attempts for user in Solaris ? And do I need to insatll any packages before doing this? Thanks. (1 Reply)
Discussion started by: manalisharmabe
1 Replies

8. Homework & Coursework Questions

How to set for a user a non-login shell?

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: I am a root in a Unix system. My shell is bash. 2. Relevant commands, code, scripts, algorithms: How to set... (1 Reply)
Discussion started by: me_me_me
1 Replies

9. UNIX for Beginners Questions & Answers

Non-interactive & non-login shell environment?

Hello and thanks in advance for any help anyone can offer to straighten me out on this subject I'm trying to understand non-interactive & non-login shells and having a hard time conceptualize the process a non-interactive & non-login shell goes through to start up. Particularly for background... (7 Replies)
Discussion started by: bodisha
7 Replies

10. Shell Programming and Scripting

Recording user input from interactive shell script

Hello, I want to start out by saying that I am fairly new to scripting and am looking for someone that can point me in the right direction. Basically what I need is a way to run a interactive script that will prompt users with questions weather that be yes/no or a specific answer.. I want to be... (3 Replies)
Discussion started by: shoutcast
3 Replies

LEARN ABOUT CENTOS

httpd_webalizer_script_selinux

httpd_webalizer_script_selinux(8)		       SELinux Policy httpd_webalizer_script			 httpd_webalizer_script_selinux(8)

NAME

       httpd_webalizer_script_selinux - Security Enhanced Linux Policy for the httpd_webalizer_script processes

DESCRIPTION

       Security-Enhanced Linux secures the httpd_webalizer_script processes via flexible mandatory access control.

       The httpd_webalizer_script processes execute with the httpd_webalizer_script_t SELinux type. You can check if you have these processes run-
       ning by executing the ps command with the -Z qualifier.

       For example:

       ps -eZ | grep httpd_webalizer_script_t

ENTRYPOINTS

       The httpd_webalizer_script_t SELinux type can be entered via the shell_exec_t, httpd_webalizer_script_exec_t, httpd_webalizer_script_exec_t
       file types.

       The default entrypoint paths for the httpd_webalizer_script_t domain are the following:

       /bin/d?ash,  /bin/zsh.*,  /bin/ksh.*, /usr/bin/d?ash, /usr/bin/zsh.*, /usr/bin/ksh.*, /bin/esh, /bin/mksh, /bin/sash, /bin/tcsh, /bin/yash,
       /bin/bash, /bin/fish, /bin/bash2, /usr/bin/esh, /usr/bin/sash, /usr/bin/tcsh, /usr/bin/yash, /usr/bin/fish,  /usr/bin/mksh,  /usr/bin/bash,
       /sbin/nologin, /usr/sbin/sesh, /usr/bin/bash2, /usr/sbin/smrsh, /usr/bin/scponly, /usr/sbin/nologin, /usr/libexec/sesh, /usr/sbin/scponlyc,
       /usr/bin/git-shell, /usr/libexec/git-core/git-shell

PROCESS TYPES

       SELinux defines process types (domains) for each process running on the system

       You can see the context of a process using the -Z option to ps

       Policy governs the access confined processes have to files.  SELinux httpd_webalizer_script policy is very flexible allowing users to setup
       their httpd_webalizer_script processes in as secure a method as possible.

       The following process types are defined for httpd_webalizer_script:

       httpd_webalizer_script_t

       Note:  semanage	permissive  -a	httpd_webalizer_script_t can be used to make the process type httpd_webalizer_script_t permissive. SELinux
       does not deny access to permissive process types, but the AVC (SELinux denials) messages are still generated.

BOOLEANS

       SELinux policy is customizable based on least access required.  httpd_webalizer_script policy is extremely flexible and has  several  bool-
       eans that allow you to manipulate the policy and run httpd_webalizer_script with the tightest access possible.

       If  you	want  to  deny	any  process  from ptracing or debugging any other processes, you must turn on the deny_ptrace boolean. Enabled by
       default.

       setsebool -P deny_ptrace 1

       If you want to allow all domains to use other domains file descriptors, you must turn on the domain_fd_use boolean. Enabled by default.

       setsebool -P domain_fd_use 1

       If you want to allow all domains to have the kernel load modules, you must turn on  the	domain_kernel_load_modules  boolean.  Disabled	by
       default.

       setsebool -P domain_kernel_load_modules 1

       If you want to allow all domains to execute in fips_mode, you must turn on the fips_mode boolean. Enabled by default.

       setsebool -P fips_mode 1

       If you want to enable reading of urandom for all domains, you must turn on the global_ssp boolean. Disabled by default.

       setsebool -P global_ssp 1

       If you want to allow httpd cgi support, you must turn on the httpd_enable_cgi boolean. Disabled by default.

       setsebool -P httpd_enable_cgi 1

       If you want to allow system to run with NIS, you must turn on the nis_enabled boolean. Disabled by default.

       setsebool -P nis_enabled 1

MANAGED FILES

       The SELinux process type httpd_webalizer_script_t can manage files labeled with the following file types.  The paths listed are the default
       paths for these file types.  Note the processes UID still need to have DAC permissions.

       httpd_webalizer_rw_content_t

COMMANDS

       semanage fcontext can also be used to manipulate default file context mappings.

       semanage permissive can also be used to manipulate whether or not a process type is permissive.

       semanage module can also be used to enable/disable/install/remove policy modules.

       semanage boolean can also be used to manipulate the booleans

       system-config-selinux is a GUI tool available to customize SELinux policy settings.

AUTHOR

       This manual page was auto-generated using sepolicy manpage .

SEE ALSO

       selinux(8), httpd_webalizer_script(8), semanage(8), restorecon(8), chcon(1), sepolicy(8) , setsebool(8)

httpd_webalizer_script						     14-06-10					 httpd_webalizer_script_selinux(8)
All times are GMT -4. The time now is 10:23 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy