GNU Rush |
|
Restricted User Shell |
Sergey Poznyakoff |
System actions provide an interface to the operating system.
Set the umask. The mask must be an octal value not greater than ‘0777’. The default umask is ‘022’.
Changes the current group ID to group-id, which is either a numeric value or a name of an existing group.
Change the root directory to that specified in dir. This directory will be used for file names beginning with ‘/’. The argument is subject to tilde, variable, and backreference expansions. During tilde expansion, a tilde (‘~’) at the start of string is replaced with the absolute pathname of the user’s home directory. The two other expansions are described in variable expansion, and backreference expansion.
The directory dir must be properly set up to execute the
commands. For example, the following rule defines execution of
sftp-server
in an environment, chrooted to the user’s home
directory:
rule sftp command ^.*/sftp-server set[0] bin/sftp-server chroot ~
For this to work, each user’s home must contain the directory bin with a copy of sftp-server in it, as well as all directories and files that are needed for executing it, in particular lib.
Change to the directory dir. The argument is subject to
tilde, variable (see variable expansion), and backreference
expansions (see backreference expansion). If both
chdir
and chroot
are specified, then chroot
is
executed first.
Impose limits on system resources, as defined by res. The
argument consists of commands, optionally separated by any
amount of whitespace. A command is a single command letter followed
by a number, that specifies the limit. The command letters are
case-insensitive and coincide with those used by the shell ulimit
utility:
Command | The limit it sets |
---|---|
A | max address space (KB) |
C | max core file size (KB) |
D | max data size (KB) |
F | maximum file size (KB) |
M | max locked-in-memory address space (KB) |
N | max number of open files |
R | max resident set size (KB) |
S | max stack size (KB) |
T | max CPU time (MIN) |
U | max number of processes |
L | max number of logins for this user (see below) |
P | process priority -20..20 (negative = high priority) |
For example:
limits T10 R20 U16 P20
If some limit cannot be set, execution of the rule aborts. In
particular, ‘L’ limit can be regarded as a condition, rather than
action. The setting limit Ln
succeeds only if no
more than n rush
instances are simultaneously running for
the same user. This can be used to limit the number of simultaneously
open sessions.
The use of ‘L’ resource automatically enables forked mode. See Accounting and Forked Mode, for more information about it.
This document was generated on June 29, 2019 using makeinfo.
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.