Emergency UNIX and Linux Support

Hi there,

I have a Debian 5.0 server that my company uses for deployment testing. This server needs to be accessed by NOC people that have no NIX knowledge whatsoever.

I am creating a bash script for a menu-based command interface for the commands they need to run on their testing routines, but I wanted to know how can I force a user, upon login, to access this script (when he logins, this script is run) and nothing else (when he is finished, i.e., choose "X" for exit), the system log out the user.

Need help from the wise man

You can create a log in hook, that when that specific user logs in, say via ssh a script runs. Then you can post an interactive script that runs with that log in hook...

example:

Code:

#!/bin/bash

selection=
until [ "$selection" = "0" ]; do
    echo ""
    echo "Select an option please"
    echo "1 - Do something"
    echo "2 - Display something"
    echo "3 - third option"
    echo "4 - Print something"
    echo "5 - List some stuff"
    echo "6 - Display system information"
    echo "0 - exit and log out"
    echo " "
    echo -n "Enter selection: "
    read selection
    echo ""
    case $selection in
    1)  some command ;;
    2)  some command ;;
    3)  some command ;;
    4)  some command ;;
    5)  some command ;;
    6)  some command ;;
    0)  exit and log out ;;
*) echo "Please select a valid option"

done

That is just a quick and dirty example, and you would of course have to input the text and the related commands. I have used a similar script in the past to automate imaging PCs with Zen imaging from Novell. You can probably have init.d run this but I am a bit rusty on that.

Yep, I mean, I have my script done on bash for the commands, but what I need help is how I hook it to the user login, and make sure that when the script exits, the user gets logged out...

All of my *nix work in the past 5 years has been on the Apple platform so I am really loving launchd for this exact sort of thing, however, /etc/init.d should be able to do lots of similar things. So you would want to put your script in /etc/init.d/myscript but I am not quite sure how to make it user specific. In debain do they have any init.d run level stuff in a user's home folder?

The only other thing I can think of, is edit that user's bash profile (.profile, .bashrc, or whatever it is in Debian) to execute that script as part of the bash start up (or whatever shell you are using) that way when they ssh into the server it will auto execute at their user level.

Replace the shell in /etc/passwd with the name of the script.
Make sure that the script contains all the required path statements etc.

Depending on the system you may also need to add it to /etc/shells in order to allow it. But otherwise, this should work well for most UNIX systems -- the original script gets run directly, with no intermediate commands the user can interrupt, redirect, fold, spindle, or mutilate.

Note that it becomes your script's responsibility to set up its environment properly since there's no longer a login shell to do that for it -- it is the login shell

For further restriction yet your script could use a feature-restricted shell like /bin/rbash, which greatly reduces the shenanigans possible even if the user somehow manages to inject arbitrary input into your script. Or just make the user's login /bin/rbash and call your script from their bashrc files.

Okay, I'll try some of this tomorrow but it sounds like what I am looking for. I have already on my script the exit commands to logout, but should the user break the script I still want him to be logged out or to return to the script, meaning I do not want him getting to the shell prompt by no means.