10 More Discussions You Might Find Interesting
1. AIX
Hi,
I am planning to install a version of Informatica on my AIX box. It requires a specific java build in pap6470_27sr2-20141101_01(SR2).
The current link for IBM 64-bit SDK for AIX®, JavaTM Technology Edition, Version 7 Release 1 has a more recent version in j7r164redist.7.1.0.75.bin.
Is... (4 Replies)
Discussion started by: meetpraveens
4 Replies
2. UNIX for Dummies Questions & Answers
Hi there,
I'm trying to setup sudo privileges for a user, Oracle in this case, to run Unix commands like mv,chmod, chown, mkdir, rmdir against their own set of commands or scripts.
Is there an easier way to do this than to give Unix commands for each of their respective commands as shown below... (2 Replies)
Discussion started by: mbak
2 Replies
3. OS X (Apple)
Q1. I understand that /usr/local/bin means I can install/uninstall stuff in here and have any chance of messing up my original system files or effecting any other users. I created this directory myself.
But what about the directory I didn't create, namely /Users/m/bin? How is that directory... (1 Reply)
Discussion started by: michellepace
1 Replies
4. Cybersecurity
we are looking at changing the way we get root on our network.
in our current system if an admin needs root access he just gets the root password and uses an su.
some of our staff have decided that a sudo to "/bin/sh" will be easer.
some of our staff think a sudo to "su -" will be better.
I... (0 Replies)
Discussion started by: robsonde
0 Replies
5. UNIX for Dummies Questions & Answers
Hi!
All the basic linux commands, ie. echo, find, etc, are located in /bin. I have a couple of programs that have these commands pointed towards /usr/bin, ie, /usr/bin/echo (even though the actual 'echo' command is in /bin). How can I alias or redirect or link the /usr/bin to /bin just for this... (6 Replies)
Discussion started by: dancerat
6 Replies
6. UNIX for Dummies Questions & Answers
Hi,
I have a problem I don't understand with fuser.
I launch a simple shell script mysleep.sh:
I launch the command fuser -fu mysleep.sh but fuser doesn't return anything excepted:
mysleep:
Then I modify my script switching from #!/bin/sh to #!/bin/ksh
I launch the command fuser -fu... (4 Replies)
Discussion started by: Peuj
4 Replies
7. Shell Programming and Scripting
I have an application that requires su to root in order to run some commands. Unfortunately, my corporate policy only allows sudo so I created an alias in .profile as "alias su="su myaccount". My external application logs in with the first account no problem, it then runs 'exec /bin/sh' and then... (1 Reply)
Discussion started by: stulincoln
1 Replies
8. Shell Programming and Scripting
I am trying to execute a command via sudo through ssh...
something like this...
ssh -t a@b "sudo command"
getting an error saying sudo: command not found
what could be the prb? (3 Replies)
Discussion started by: wannalearn
3 Replies
9. UNIX for Advanced & Expert Users
I'm using personal user to enter telnet session then manually connecting to a generic user using the following :
sudo -H -u $1 ksh -c ". ~$1/.profile && cd ~$1 && ksh" ;
where $1 is the generic user.
It works but in the ".profile" execution , the alias are not working
when the generic... (7 Replies)
Discussion started by: Nicol
7 Replies
10. UNIX for Dummies Questions & Answers
I just set up an ftp server with Red Hat 5.2. I am doing the work, I'm baby stepping, but it seems like every step I get stuck. Currently, I'm trying to set up a crontab job, but I'm getting the following message: /bin/sh: /usr/bin/vi: No such file or directory. I see that vi exists in /bin/vi,... (3 Replies)
Discussion started by: kwalter
3 Replies
SMRSH(8) System Manager's Manual SMRSH(8)
NAME
smrsh - restricted shell for sendmail
SYNOPSIS
smrsh -c command
DESCRIPTION
The smrsh program is intended as a replacement for sh for use in the ``prog'' mailer in sendmail(8) configuration files. It sharply limits
the commands that can be run using the ``|program'' syntax of sendmail in order to improve the over all security of your system. Briefly,
even if a ``bad guy'' can get sendmail to run a program without going through an alias or forward file, smrsh limits the set of programs
that he or she can execute.
Briefly, smrsh limits programs to be in a single directory, by default /usr/libexec/sm.bin, allowing the system administrator to choose the
set of acceptable commands, and to the shell builtin commands ``exec'', ``exit'', and ``echo''. It also rejects any commands with the
characters ``', `<', `>', `;', `$', `(', `)', `
' (carriage return), or `
' (newline) on the command line to prevent ``end run'' attacks.
It allows ``||'' and ``&&'' to enable commands like: ``"|exec /usr/local/bin/filter || exit 75"''
Initial pathnames on programs are stripped, so forwarding to ``/usr/bin/vacation'', ``/home/server/mydir/bin/vacation'', and ``vacation''
all actually forward to ``/usr/libexec/sm.bin/vacation''.
System administrators should be conservative about populating the sm.bin directory. For example, a reasonable additions is vacation(1),
and the like. No matter how brow-beaten you may be, never include any shell or shell-like program (such as perl(1)) in the sm.bin direc-
tory. Note that this does not restrict the use of shell or perl scripts in the sm.bin directory (using the ``#!'' syntax); it simply dis-
allows execution of arbitrary programs. Also, including mail filtering programs such as procmail(1) is a very bad idea. procmail(1)
allows users to run arbitrary programs in their procmailrc(5).
COMPILATION
Compilation should be trivial on most systems. You may need to use -DSMRSH_PATH="path" to adjust the default search path (defaults to
``/bin:/usr/bin'') and/or -DSMRSH_CMDDIR="dir" to change the default program directory (defaults to ``/usr/libexec/sm.bin'').
FILES
/usr/adm/sm.bin - default directory for restricted programs on most OSs
/var/adm/sm.bin - directory for restricted programs on HP UX and Solaris
/usr/libexec/sm.bin - directory for restricted programs on FreeBSD (>= 3.3) and DragonFly BSD
SEE ALSO
sendmail(8)
$Date: 2013-11-22 20:52:00 $ SMRSH(8)