MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


System Administration Commands                            rsh(1M)



NAME
     rsh, restrictedshell - restricted shell command interpreter

SYNOPSIS
     /usr/lib/rsh [-acefhiknprstuvx] [argument]...


DESCRIPTION
     rsh is a limiting version of  the  standard  command  inter-
     preter sh, used to restrict logins to execution environments
     whose capabilities are more controlled than those of sh (see
     sh(1) for complete description and usage).


     When the shell is invoked, it scans the environment for  the
     value  of  the environmental variable, SHEL. If it is found
     and rsh is the file  name  part  of  its  value,  the  shell
     becomes a restricted shell.


     The actions of rsh are identical to those of sh, except that
     the following are disallowed:

         o    changing directory (see cd(1)),

         o    setting the value of $PATH,

         o    pecifying path or command names containing /,

         o    redirecting output (> and >>).


     The restrictions above are enforced after .profile is inter-
     preted.


     A restricted shell can be invoked in one  of  the  following
     ways:

         1.   rsh is the file name part of the last entry in  the
              /etc/passwd file (see passwd(4));

         2.   the environment variable SHEL exists  and  rsh  is
              the  file  name  part of its value; the environment
              variable SHEL needs to be set in the .login file;

         3.   the shell is invoked and rsh is the file name  part
              of argument 0;

         4.   the shell is invoke with the -r option.





SunOS 5.11           Last change: 1 Nov 1993                    1






System Administration Commands                            rsh(1M)



     When a command to be executed is found to be  a  shell  pro-
     cedure,  rsh  invokes sh to execute it. Thus, it is possible
     to provide to  the  end-user  shell  procedures   that  have
     access to the full power of the standard shell, while impos-
     ing a limited menu of commands; this scheme assumes that the
     end-user  does not have write and execute permissions in the
     same directory.


     The net effect of these rules is  that  the  writer  of  the
     .profile  (see  profile(4))  has  complete control over user
     actions by performing guaranteed setup actions  and  leaving
     the user in an appropriate directory (probably not the login
     directory).


     The system administrator often sets up a directory  of  com-
     mands  (that  is, /usr/rbin) that can be safely invoked by a
     restricted shell. Some systems  also  provide  a  restricted
     editor, red.

EXIT STATUS
     Errors detected by the shell, such as syntax  errors,  cause
     the  shell to return a non-zero exit status. If the shell is
     being used non-interactively execution of the shell file  is
     abandoned.  Otherwise,  the shell returns the exit status of
     the last command executed.

ATRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:



     
           ATRIBUTE TYPE               ATRIBUTE VALUE       
    
     Availability                 SUNWcsu                     
    


SEE ALSO
     intro(1),  cd(1),   login(1),   rsh(1),   sh(1),    exec(2),
     passwd(4), profile(4), attributes(5)

NOTES
     The restricted shell, /usr/lib/rsh, should not  be  confused
     with  the remote shell, /usr/bin/rsh, which is documented in
     rsh(1).






SunOS 5.11           Last change: 1 Nov 1993                    2
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™